Daniel Peck to present phishing detection methods at AppSec USA

Version imprimable, PDF et e-mail

AppSec USA is coming up next week and our own Daniel Peck will be there to discuss a new approach to phishing detection.  Daniel is a Principal Research Scientist who works primarily on studying social networks as an attack vector.  He has created a large body of work in research, such as:

  • Comparing content and non-content based systems to identify malicious accounts on Twitter/Facebook
  • Exploiting programmable logic controllers
  • Identifying/classifying malicious javascript

Here's the description of Daniel's AppSec 2014 presentation:

We will discuss current approaches to phishing detection, and present a new one along with accompanying tool.

We will discuss several perceptual hashing algorithms, and describe how we can leverage them to detect phishing sites masquerading as popular sites such as Paypal, Amazon, and others.

Code to collect and identify these malicious sites, and a browser extension leveraging will be explained, demonstrated and released for attendee use and study.

Daniel is not new to AppSec USA.  Last year his presentation focused on scripting Android applications. Watch it here:

AppSec USA is an annual software security conference for developers, security auditors, risk managers, executive management, government, press, law enforcement, entrepreneurs, and more.  Everyone with an interest in software security will find something at AppSec.  Here's what the conference has to offer:

  • Insightful keynote addresses delivered by leading industry visionaries from thought leaders of critical infrastructure.
  • Over 50 sessions
  • World-renowned subject matter experts
  • Five core tracks: builder, breaker, defender, management, DevOps
  • An all-new, workshop-style Skills Lab track providing instruction and hands-on experience with essential security tools and skills
  • Over a thousand attendees exclusively focused on Software Security
  • A career fair and sponsor expo featuring top companies in the industry

The conference is also a major fundraiser for OWASP, the Open Web Application Security Project.  The OWASP Foundation is an open-source, non-profit  application security organization made up of organizations and individuals from around the world.  The OWASP Foundation is the de-facto standards body for web application security used by developers and organizations globally.

AppSec USA 2014 will be held in Denver Colorado, September 16-19.  Daniel's presentation is titled ‘Red Phish Blue Phish:  Improved Phishing Detection Using Perceptual Hashing.'  It will take place on Thursday September 18, 2014 2:00pm – 2:45pm, in the Colorado Ballroom E.  More info here at the AppSec site.

Update: here's Daniel at AppSec. It was awesome.

Remonter en haut de page