Last week’s S4 event at OpenDNS headquarters in San Francisco was quite a success! We opened our office to security professionals in the San Francisco Bay Area and enjoyed a night of fun conversation, good food, and cool presentations.
Thibault (@ThibaultReuille) and I presented an extensive study on the recently raging Cryptolocker ransomware. The method, called Ripple Effect, resembles how a disease epidemic is detected and contained – by analyzing intelligence on Patient Zero to locate patient #1, then patient #2, and so on. The futuristic predictive ability of our detection models comes to life in the 3-D visualization by Thibault Reuille, a veteran OpenGL expert and talented data visualization artist. If you missed them at S4, don’t miss the BayThreat conference for their presentations on InfoSec data visualization, featuring a live demo of OpenDNS’s Security Graph, the Syrian Electronic Army attack, computer networks at large scale, Cryptolocker DGA visualization, etc.
We also hosted two guest presenters from the SF security community: Chris Grier of UC Berkeley and Saeed Abu-Nimeh, distinguished scientist at PayPal. Chris presented on trafficking of fraudulent social media accounts, a fun but insightful study where they spent ten months and 5,000 dollars buying 121,000 spam Twitter accounts from 27 underground sellers. Each fake account was purchased for as little as 0.004 cents. They developed a temporal analysis technique that monitors the Twitter account registration process and successfully identifies such accounts more than 99% of the time. For more detail on his studies on this topic, visit Chris’s website.
Saeed discussed his recent work on identifying fraudulent accounts used as fronts for contraband. He trains a random forest classifier on 2 million PayPal data points of web content categorization and network features.
We’ll see you live at the next S4 event, but until then you can hang out with us right here on the blog.