Enigma 2020 has ended
Wednesday, January 29 • 2:00pm - 2:30pm
Adventures with Cybercrime Toolkits: Insights for Pragmatic Defense

When it comes to improving the state of defense in the cybercrime arms race, an all-too-common piece of advice is to be more proactive than reactive. However, close examination of the modus operandi of cybercriminals reveals a great deal of pragmatism and adaptability to defensive moves. Among other blind spots, exploitable opportunities pursued by cybercriminals typically stem from flaws in the design, implementation, configuration, and deployment of systems. In essence, cybercriminals monetize these blind spots to steer the arms race in their favor.

Using a multi-faceted analysis of pre-packaged cybercrime tools called exploit kits, this talk argues and illustrates that defenders should likewise be pragmatic and adaptive enough to turn the weakest links of cybercriminals into concrete opportunities to counter cybercrime. We use the exploit kit phenomenon to highlight how defenders could combine reactive, proactive, and offensive strategies towards pragmatic defense.

On the reactive front, we describe how seemingly simple yet identifying configuration and deployment artifacts are used to identify active exploit kits in the wild. On the offensive side, we illustrate how access to exploit kit source code is leveraged towards an automated infiltration and legally authorized takedown of live exploit kits. On the proactive front, we highlight how lessons learned from reactive and offensive strategies are combined toward real-time threat detection. The talk leaves the audience with key takeaways on pragmatic defense strategies in the face of an adaptive cybercriminal with motives and means.


Birhanu Eshete

University of Michigan, Dearborn
Birhanu Eshete is an Assistant Professor of Computer Science at the University of Michigan, Dearborn, where he leads the Data-Driven Security and Privacy Lab. Prior to that, he was a Postdoctoral Researcher in the Systems and Internet Security Lab at the University of Illinois at...

Wednesday January 29, 2020 2:00pm - 2:30pm PST
Grand Ballroom