using zeek for ssl research
play

Using Zeek for SSL Research Hochschule Darmstadt FH Neu-Ulm CA - - PowerPoint PPT Presentation

Dec 14, 2023 •160 likes •515 views

TU Dortmund CA - G01 UNI-FFM CA BVB-CA IASS Potsdam CA Uni Witten/Herdecke CA - G01 Ruhr-Universitaet Bochum CA Hochschule fuer Film und Fernsehen Konrad Wolf CA Musikhochschule Luebeck CA - G01 BfR CA SRH Hochschule Heidelberg CA-G01 UHH

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Zeek 3.0.0 and beyond Robin Sommer robin@corelight.com Just released: Zeek 3.0.0 bro ->

Zeek 3.0.0 and beyond Robin Sommer robin@corelight.com Just released: Zeek 3.0.0 bro ->

Zeek 3.0.0 and beyond Robin Sommer robin@corelight.com Just released: Zeek 3.0.0 bro -> zeek broctl -> zeekctl bro-cut -> zeek-cut bro-pkg -> zkg /usr/local/bro -> /usr/local/zeek *.bro -> *.zeek bro_{init,done} ->

907 views • 13 slides
How FAST can Zeek RUN? ZeekWeek 2019 Jim Mellander Seattle WA Cybersecurity Engineer October

How FAST can Zeek RUN? ZeekWeek 2019 Jim Mellander Seattle WA Cybersecurity Engineer October

Run, Zeek, RUN! How FAST can Zeek RUN? ZeekWeek 2019 Jim Mellander Seattle WA Cybersecurity Engineer October 11, 2019 ESNet Goals for this presentation The Quest for Efficiency started Long Ago Can Zeek run faster without code

791 views • 25 slides
Realtime Communication of MISP , Zeek, and SIEMs Matthias Vallentin Liviu Vlsan Tenzir

Realtime Communication of MISP , Zeek, and SIEMs Matthias Vallentin Liviu Vlsan Tenzir

Realtime Communication of MISP , Zeek, and SIEMs Matthias Vallentin Liviu Vlsan Tenzir CERN Intelligence in Zeek Architecture Intel::Item represents intelligence Intel::Type one of ADDR, SUBNET, URL, SOFTWARE, EMAIL, DOMAIN,

520 views • 20 slides
Visualizing, Analyzing and Filtering Zeek Events using a graphical frontend and OpenGL Nick

Visualizing, Analyzing and Filtering Zeek Events using a graphical frontend and OpenGL Nick

Visualizing, Analyzing and Filtering Zeek Events using a graphical frontend and OpenGL Nick Skelsey ZeekWeek 2019 Seattle, WA 11 October, 2019 AGENDA Motivation 1. State of the art 2. Monopticon 3. Related research 4. 2 CONNECTIVITY

505 views • 24 slides
Thank you to our Sponsors Zeek Package Contest Winners First Prize EternalSafety Package - Lexi

Thank you to our Sponsors Zeek Package Contest Winners First Prize EternalSafety Package - Lexi

Thank you to our Sponsors Zeek Package Contest Winners First Prize EternalSafety Package - Lexi Brent Second Prize Intel-Limiter Package - Jan GrasHoefer Third Prize zeek-sniffpass Package - Andrew Klaus Fourth Prize Known-hosts-with-dns -

177 views • 7 slides
Contributing to Zeek Tim Wojtulewicz, Corelight PROPRIETARY AND CONFIDENTIAL Thats

Contributing to Zeek Tim Wojtulewicz, Corelight PROPRIETARY AND CONFIDENTIAL Thats

Contributing to Zeek Tim Wojtulewicz, Corelight PROPRIETARY AND CONFIDENTIAL Thats Woah-2-la-wits If you were confused by all of the consonants jammed together PROPRIETARY AND CONFIDENTIAL Talking today about how to open pull requests

574 views • 18 slides
Zeek (Bro) Network Security Monitor Sareena K P RISE Lab What is Bro? Facilitates broader

Zeek (Bro) Network Security Monitor Sareena K P RISE Lab What is Bro? Facilitates broader

Zeek (Bro) Network Security Monitor Sareena K P RISE Lab What is Bro? Facilitates broader spectrum of very different approaches to find malicious activity semantic misuse detection anomaly detection behavioral analysis.

617 views • 23 slides
GradientGraph Analytics: Identifying Small Yet High Impact Flows Using Zeek to Optimize Network

GradientGraph Analytics: Identifying Small Yet High Impact Flows Using Zeek to Optimize Network

GradientGraph Analytics: Identifying Small Yet High Impact Flows Using Zeek to Optimize Network Performance ZeekWeek 2019 Reservoir Labs Jordi Ros-Giralt, Sruthi Yellamraju, Peter Cullen, Troy Hanson, James Ezick, Alison Ryan, Erik Mogus,

424 views • 29 slides
eZeeKonfigurator eZeeKonfigurator Vlad Grigorescu Vlad Grigorescu vlad@es.net Zeek Week 2019

eZeeKonfigurator eZeeKonfigurator Vlad Grigorescu Vlad Grigorescu vlad@es.net Zeek Week 2019

eZeeKonfigurator eZeeKonfigurator Vlad Grigorescu Vlad Grigorescu vlad@es.net Zeek Week 2019 Outline Outline 1. Background & Motivation 2. Demo 3. Design & Architecture 4. Roadmap & Future Plans 5. How To Try It (...and

365 views • 21 slides
Zeek - Incident Response and Beyond Aashish Sharma LBNL ZeekWeek-2019 UNIVERSITY OF CALIFORNIA

Zeek - Incident Response and Beyond Aashish Sharma LBNL ZeekWeek-2019 UNIVERSITY OF CALIFORNIA

Zeek - Incident Response and Beyond Aashish Sharma LBNL ZeekWeek-2019 UNIVERSITY OF CALIFORNIA "Bringing Science Solutions to the World" Hundreds of University staff also LBNL staff Rich history of scientific discovery

697 views • 65 slides
Without U there is No CommUnity: Growing and Nurturing an Active and Contributing Community

Without U there is No CommUnity: Growing and Nurturing an Active and Contributing Community

Without U there is No CommUnity: Growing and Nurturing an Active and Contributing Community Amber Graner @akgraner ZeekWeek 2019 - Seattle, WA Amber Graner Who Am I? @akgraner akgraner@zeek.org What do I do? Zeek Director of Community,

444 views • 20 slides
Bro scripts - 101 to 595 in 45 mins Aashish Sharma UNIVERSITY OF CALIFORNIA Zeek scripts - 101

Bro scripts - 101 to 595 in 45 mins Aashish Sharma UNIVERSITY OF CALIFORNIA Zeek scripts - 101

Bro scripts - 101 to 595 in 45 mins Aashish Sharma UNIVERSITY OF CALIFORNIA Zeek scripts - 101 to 595 in 45 mins Aashish Sharma UNIVERSITY OF CALIFORNIA "Bringing Science Solutions to the World" Hundreds of University

873 views • 66 slides
Dynamite-NSM Open-source project for network traffic analysis with Zeek, Suricata, Flow Data and

Dynamite-NSM Open-source project for network traffic analysis with Zeek, Suricata, Flow Data and

Oleg Sinitsin | Dynamite.AI Dynamite-NSM Open-source project for network traffic analysis with Zeek, Suricata, Flow Data and ELK Dynamite Analytics | Dynamite.AI Dynamite Analytics | Dynamite.AI 2 Dynamite Analytics | Dynamite.AI 3

559 views • 20 slides
Some Companies/Insts. Using Zeek SOC operations overview (Microsoft) HTTPS Connection (SSL / TLS)

Some Companies/Insts. Using Zeek SOC operations overview (Microsoft) HTTPS Connection (SSL / TLS)

http.log | HTTP request/reply details conn.log | IP, TCP, UDP, ICMP connection details FIELD TYPE DESCRIPTION FIELD TYPE DESCRIPTION ts time Timestamp of the HTTP request ts time Timestamp of the fjrst packet uid & id Underlying

428 views • 8 slides
Profiling (in production) Justin Azoff - Sr. Support Engineer justin@corelight.com What do I

Profiling (in production) Justin Azoff - Sr. Support Engineer justin@corelight.com What do I

Profiling (in production) Justin Azoff - Sr. Support Engineer justin@corelight.com What do I meen by in production? There are a lot of things you can do to profile a program to figure out what it is doing. With zeek you can process a pcap

993 views • 67 slides
Interactive Mktg. Mgr. Creative KPIs & Heads in Beds | Passenger Count | ROAS Budget

Interactive Mktg. Mgr. Creative KPIs & Heads in Beds | Passenger Count | ROAS Budget

Zeek Coleman Interactive Mktg. Mgr. Creative KPIs & Heads in Beds | Passenger Count | ROAS Budget Budget: $175,000 Goal: Late Summer, Early Fall & All Winter Bookings Run Dates: August 2016 January 2017 Result:

408 views • 21 slides
A I rtific ia l nte llig e nc e is already impacting many parts of our lives In order to

A I rtific ia l nte llig e nc e is already impacting many parts of our lives In order to

A I rtific ia l nte llig e nc e is already impacting many parts of our lives In order to reap the benefits of AI, one needs vast amounts of data that is available through mass digitization; an area in which developing countries lag far

1.23k views • 54 slides
LIFE AFTER CARBON IDEAS THAT ARE CHANGING THE EVOLUTION OF CITIES PLUS THE CLIMATE EMERGENCY

LIFE AFTER CARBON IDEAS THAT ARE CHANGING THE EVOLUTION OF CITIES PLUS THE CLIMATE EMERGENCY

LIFE AFTER CARBON IDEAS THAT ARE CHANGING THE EVOLUTION OF CITIES PLUS THE CLIMATE EMERGENCY & CITIES THE PANDEMIC & LOCAL CLIMATE ACTION PETER PLASTRIK APRIL 28, 2020 2 18 TH CENTURY LONDON 3 COPENHAGEN 21 ST CENTURY First Carbon

285 views • 17 slides
Locking.tdb without locks? SambaXP 2016 Berlin Volker Lendecke Samba Team / SerNet 2016-05-12

Locking.tdb without locks? SambaXP 2016 Berlin Volker Lendecke Samba Team / SerNet 2016-05-12

Locking.tdb without locks? SambaXP 2016 Berlin Volker Lendecke Samba Team / SerNet 2016-05-12 Small tdb intro tdb (Trivial (Tridge) Data Base) is a shared writer key-value store API similar to dbm tdb is implemented as a hash table

228 views • 10 slides
Lets Talk! Uniting Dev and UX to design for Voice Pascal Heynol @ UX Cambridge 2018 Pascal

Lets Talk! Uniting Dev and UX to design for Voice Pascal Heynol @ UX Cambridge 2018 Pascal

Lets Talk! Uniting Dev and UX to design for Voice Pascal Heynol @ UX Cambridge 2018 Pascal Heynol Senior Experience Designer @ USEEDS Above all else, design is communication. Its about getting ideas and information across from one

811 views • 64 slides
POLI 120N: Contention and Conflict in Africa Professor Adida European imprint First, a few

POLI 120N: Contention and Conflict in Africa Professor Adida European imprint First, a few

POLI 120N: Contention and Conflict in Africa Professor Adida European imprint First, a few reminders Important dates Email a TA (dhaim@ucsd.edu, bengelsma@ucsd.edu) by this Thursday 5pm with top three preferences for group country

839 views • 51 slides
Gut das ist? Gut das ist? Die umg Die umgek ekehr ehrte Ar te Architekturbe hitekturbewer

Gut das ist? Gut das ist? Die umg Die umgek ekehr ehrte Ar te Architekturbe hitekturbewer

12.02.15 Gut das ist? Gut das ist? Die umg Die umgek ekehr ehrte Ar te Architekturbe hitekturbewer ertung tung eines Internet-Gig eines Internet-Giganten anten STEFAN ZRNER, EMBARC microXchg 2015 Berlin, 12. Februar 2015 0

677 views • 28 slides
GOLDEN ROTATIONS OLIVER KNILL Abstract. These are expanded preparation notes to a talk given on

GOLDEN ROTATIONS OLIVER KNILL Abstract. These are expanded preparation notes to a talk given on

GOLDEN ROTATIONS OLIVER KNILL Abstract. These are expanded preparation notes to a talk given on February 23, 2015 at BU. This was the abstract: We look at Birkhoff sums S n ( t ) /n = n k =1 X k ( t ) /n with X k ( t ) = g ( T k t ), where

650 views • 44 slides
Postgres As Your New DevStack Postgres as a tool for software developers Susanne Schmidt

Postgres As Your New DevStack Postgres as a tool for software developers Susanne Schmidt

Postgres As Your New DevStack Postgres as a tool for software developers Susanne Schmidt PGConf.eu 2018 (Lisbon) Who am I? Susanne Su-Shee Schmidt tech lead at SysEleven GmbH (Berlin) political scientist by education doing open source

426 views • 29 slides

More recommend