🎙️ Fabricio Bortoluzzi
Talk Title: Cyber Threat Intelligence Acquisition with the Cloud Telescope
Abstract
This presentation shows how a distributed, cloud-native Infrastructure-as-Code artefact can be used to collect cyber threat intelligence on the most prevalent malicious traffic affecting the Internet at scale.
The talk will explain how the Cloud Telescope works and how it can be deployed by any individual interested in cloud and cybersecurity, and will present the results of a five-month-long experiment using 130 EC2 instances across twenty-six different regions of the world.
It will focus on botnet propagation, including Mirai, Mozi, and Sora.
Presentation Outline:
- Introduction to the Cloud Telescope (3 min)
- Sample data captured by the method (3 min)
- The enrichment pipeline (3 min)
- Cyber threat activity extracted from the 530-million-event dataset (10 min)
- How to deploy the Cloud Telescope (CT) (5 min)
- Takeaways (3 min)
- Q/A (3 min)
Bio
Fabricio Bortoluzzi is a computer scientist and an associate professor of cybersecurity at Noroff University College, where he teaches operating systems, computer network attack, vulnerability exploitation, and cloud computing.