Podcast recap: Identifying worms, bots, fraud and other malicious traffic (with guest Fang Yu)

Introduction

Fang Yu is CTO of fraud detection platform DataVisor. She is also a prolific writer and conference presenter and has filed over 20 patents. Fang spoke with Infosec’s Cyber Work podcast about her work developing algorithms and building systems for identifying malicious traffic such as worms, spam, bots, fake queries and account hijacking.

Fang told us about working in the area of threat detection:

“Detecting attacks is pretty complicated and complex. It’s very challenging and it’s also a very, very important task; without that, everybody, including every end user, would be affected. That’s a very, very important thing.”

From Microsoft cybersecurity researcher to startup co-founder

Whack-a-mole cybersecurity

Fang began her career as part of the Microsoft cybersecurity research team looking into the myriad threats made against the company’s products. Problems included spam issues in Hotmail, Xbox payment fraud, and so on. The team would analyze the attacks and come up with solutions. It was like whack-a-mole: the team would build up solutions over time, then adjust them as the threats changed.

During the research, it became clear to Fang that professional cybercriminals use a complex network of specialized actors to perpetrate their cybercrimes. For example, the network divides up roles: one actor creates the proxy IPs, another specializes in the data-breach specifics, and another pulls the entire attack together.

Fang went on to point out that locating the root of the problem is a key piece of detective work. Going back to the whack-a-mole analogy, capturing one “mole” after another and building up a holistic methodology to prevent a cyberattack became a key reason behind the startup phase of her new venture:

“Have a way to capture things before they start to attack and capture things at the root, rather than (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Susan Morrow. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/TMSdAXb-R-Y/