Attacks are normally designed to compromise users and steal sensitive data, they are increasing in magnitude and velocity as cybercriminals leverage automated tools. When it comes to threats, automation does much more than simply churn out malicious widgets. The cost of any action that can be automated quickly drops to near zero, and without the overhead of incremental costs, attackers are free to run their attacks as broadly as possible. Given enough time, an attacker can sit back and let his scripts slowly find, test, and attack every available target on the Internet.
In this work, we will show and discuss some techniques to improve WEB attacks and explore it to create better methods to optimize protection using a framework developed by us to automate such attacks and therefore improve protection methods.
We show our tool called 0din, a framework created using threads, parallel computing techniques and some machine learning techniques such as Naive Bayes, for example. It can be used to automate web attacks and protections in order to help people create better tests and improve security. In this talk we will show comparison tests with other tools of the same type. The attack and protection tests using this framework and results that we have obtained such as interesting performance and accuracy in our research provide a rich knowledge to improve protection and better automation using our framework against attacks.
The 0din framework and tools used to gather the results used to make our proof-of-concept along with all information about 0din development will be avaliable to the audience on Github.
Alan Silva is a Security Researcher and Software Engineer at CONVISO experienced with a wide range of security systems and network technologies. Alan brings technical background in cryptography, mathematics, application security and secure software development. Alan has been a member of Unix groups for several years such as BSD Certification and developer of popular open source software ModSecurity. Nowadays, Alan is currently focused on security research that involves Mobile Malware Analysis, Mobile Privacy, Rootkit Detection and new Security Products and Protocols.
Antonio Costa is a Computer Programmer who loves the Hacker culture, he work as system analyst at CONVISO for three years. Nowadays, Antonio working with code review, pentest and security research with focus on Secure Web Applications and Reverse Engineering and he has speaking in some Brazilian Security Conferences such as YSTS, OWASP Florianopolis and Bsides São Paulo.