From Kickstarter to Wikipedia, crowdsourcing has become an incredibly popular way for organizations to tap into the collective intelligence of online communities. For the first time, organizers of the RSA Conference are allowing members of the information security community to vote on a new, crowdsourced session track through April 2nd.
This year, the OpenDNS Security Labs team has decided to submit several talks on new subjects ranging from the Internet of Things (IoT) to global trends in malware attack campaigns. Members of the team are encouraging members of the infosec community to vote for OpenDNS’s crowdsourced sessions as a group on the RSA Conference website or individually, via the links below.
Andrew Hay, director of security research at OpenDNS Security Labs, will be presenting “The Researcher’s Guide to the Internet of Things,” one of the first sessions to explore actual, anonymized data from IoT devices used on enterprise networks. Gartner reports that by the end of 2017, 20 percent of enterprises will have controls for securing IoT use in the enterprise. Hay plans to present techniques that professionals can use to analyze IoT device use on their own networks. Hay will also discuss some of the surprising findings that were uncovered after analyzing actual enterprise traffic.
Hay will also be presenting another talk on global trends in malware and other attack campaigns. Titled “The Freaks (and Malware) Come Out at Night,” this talk will use new data from a global cross-section of malicious traffic analyzed by OpenDNS. This second session will show the increased prevalence for malware and botnet campaigns to occur at night, when most workers in the Western Hemisphere are using personal devices and are off corporate networks. The talk will include a discussion of the possible reasons for this trend and the implications for security professionals.
Jeremiah O’Connor, security researcher at OpenDNS will present a session discussing the development of NLPRank, a new advanced threat detection model that uses natural language processing techniques. Discussed previously on this blog, NLPRank uses natural language processing coupled with HTML analysis and ASN mapping across billions of DNS records to predict both opportunistic phishing campaigns and attacks directed at high-value targets. O’Connor’s talk, “NLP for APT via DNS” will use examples of in-the-wild attack campaigns and data from older attacks against high-value targets to show the value of this new approach in detecting attacks.
According to the conference website, voting is open to the public, as well as conference attendees, although registered RSA attendees count twice toward the final total. Voters are not limited to a single choice — they can pick an unlimited number of sessions and even change votes until April 2nd. The top 25 sessions by vote total will then go on a shortlist that the RSA session judges will use to make final selections.