Stratosphere Project

Protecting NGOs and CSOs

https://stratosphereips.org

Sebastián García

sebastian.garcia@agents.fel.cvut.cz

NGOs and CSOs

Attacked by powerful actors.

No resources.

High political value.

No knowledge.

Not their goal.

Trust

Privacy

Help NGOs/CSOs from the University.

Stratosphere Project

Apply machine learning to detect malicious behaviors in the network while respecting privacy.

Analyzes large amounts of malicious and normal flows

Largest Academic Botnet Dataset for Research: CTU-13

+130 Published Labeled Malware Datasets.

Verified Normal Traffic from hosts in the University.

 

Privacy and Performance

Model the behavior of each connection

Each flow has features that define its state.

Each state is assigned a letter.

Detect the malicious behaviors by analyzing the letters

Markov Models

Neural Networks

Behavior of the Host

From the letters, create a Markov chain behavioral model.

Obtain the behavior of all the connections

The models of malicious behaviors are stored and grouped.

Detect similar behaviors in unknown networks.
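
The letter-and-Markov-chain approach outlined in these slides, as an added Python example that is not the Stratosphere Project's own code. The 2x2 letter alphabet, the thresholds and the training strings are constructed assumptions, since the slides do not give the actual encoding.

```python
import math
from collections import defaultdict

# Hypothetical state alphabet (an assumption, not the project's encoding):
# key = (duration bucket, size bucket) of one flow.
LETTERS = {(0, 0): "a", (0, 1): "b", (1, 0): "c", (1, 1): "d"}

def flow_to_letter(duration_s, size_bytes, dur_cut=1.0, size_cut=1000):
    """Map one flow's features to a state letter (thresholds are assumed)."""
    return LETTERS[(int(duration_s >= dur_cut), int(size_bytes >= size_cut))]

def encode(flows):
    """Turn the ordered flows of one connection into its letter string."""
    return "".join(flow_to_letter(d, s) for d, s in flows)

def train(sequences, alphabet="abcd", alpha=1.0):
    """First-order Markov chain with add-alpha smoothing: P(next | current)."""
    counts = defaultdict(lambda: defaultdict(float))
    for seq in sequences:
        for cur, nxt in zip(seq, seq[1:]):
            counts[cur][nxt] += 1
    model = {}
    for cur in alphabet:
        total = sum(counts[cur].values()) + alpha * len(alphabet)
        model[cur] = {n: (counts[cur][n] + alpha) / total for n in alphabet}
    return model

def avg_log_likelihood(model, seq):
    """Mean log P(transition), so long and short connections are comparable."""
    steps = list(zip(seq, seq[1:]))
    return sum(math.log(model[c][n]) for c, n in steps) / len(steps)

def classify(seq, malicious_model, normal_model):
    """Label by which behavioral model explains the letters better."""
    if len(seq) < 2:
        return "unknown"  # a single flow carries no transition evidence
    m = avg_log_likelihood(malicious_model, seq)
    n = avg_log_likelihood(normal_model, seq)
    return "malicious" if m > n else "normal"

# Constructed training strings: periodic small flows vs. mixed traffic.
MALICIOUS = train(["aaaaaaaaaa", "aaaacaaaaa", "aaaaaaaaca"])
NORMAL = train(["abdbdcabdd", "dbabdcbdab", "bdabcdbdba"])

# Constructed unknown connection: (duration in seconds, bytes) per flow.
unknown = encode([(0.2, 300)] * 6 + [(2.0, 400)] + [(0.2, 300)] * 3)
print(unknown, classify(unknown, MALICIOUS, NORMAL))
```

Only the letter strings are needed for training and scoring, so payloads never have to be stored.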

Protecting NGOs

Needs support to continue working with:

Probability that a connection was generated by a malicious behavior?

About me

Computer Science PhD focused on Malware Behavior Security.

10 years of professional penetration testing in 8 countries (Wassenaar Agreement clearance).

Joint project (2006), Argentina-U.S. DoD (ARL), for a behavioral IDS.

10 years of experience teaching security in 8 countries and 5 universities.

15 Conference/Journal Papers.