Security Lunch 🍂 Ed. — Wednesday, Nov 19th, 2025, 12:00 pm @ CoDa E160
A Haystack Full of Needles: Detecting and Understanding Botnets in the Wild
Georgios Smaragdakis
Can't make it in person? Join us on Zoom.
See our past & upcoming events on our website!
Abstract:
Botnets and associated malware are not new, but they consistently rank among the top cybersecurity threats. In this talk, I will provide an overview of our ongoing efforts to detect compromised devices early, identifying those ready to be weaponized as bots.
I will present our method to identify compromised SSH servers at scale. For this, we utilize SSH's behavior to send a challenge only during public key authentication, checking if the key is present on the system. Our technique neither allows us to access compromised systems (unlike, e.g., testing known attacker passwords), nor does it require access for auditing purposes. I will share our experience on enabling targeted clean-up efforts. I will also present how the research network infrastructures we operate enable the detection of botnet campaigns at an early stage, shed light on the evolution and firepower of botnets, and contribute to reverse engineering, attribution, and the takedown of botnets.
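Added illustration (not code from the talk or the speaker) of the SSH behavior the abstract relies on: during public key authentication the server answers a signature-less key offer with SSH_MSG_USERAUTH_PK_OK only if that key is in authorized_keys, so presence of a key can be confirmed before any proof of possession and without gaining access. The model below simulates that server-side decision and adds a host-side audit of an authorized_keys file against indicator fingerprints; the key blobs, file contents and indicator list are constructed sample data, and the function names are my own.

```python
import base64
import hashlib
import shlex
import struct
# Message numbers for the publickey method (RFC 4250 / RFC 4252 section 7).
SSH_MSG_USERAUTH_FAILURE = 51
SSH_MSG_USERAUTH_PK_OK = 60
KEY_TYPE_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")

def parse_authorized_keys(text):
    """Return {base64 blob: key type} per key line; comments and leading option lists are skipped."""
    keys = {}
    for line in (ln.strip() for ln in text.splitlines()):
        if not line or line.startswith("#"):
            continue
        fields = shlex.split(line)  # keeps quoted option values such as command="..." in one token
        for i, field in enumerate(fields):
            if field.startswith(KEY_TYPE_PREFIXES) and i + 1 < len(fields):
                keys[fields[i + 1]] = field
                break
    return keys

def fingerprint(blob_b64):
    """OpenSSH-style SHA256 fingerprint of a key blob, padding stripped as ssh-keygen -l prints it."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def userauth_pk_query(authorized_keys_text, offered_blob_b64):
    """Server's reply to a publickey request sent without a signature: PK_OK iff the key is
    authorized. Nothing is signed yet, so the reply reveals key presence without granting access."""
    if offered_blob_b64 in parse_authorized_keys(authorized_keys_text):
        return SSH_MSG_USERAUTH_PK_OK
    return SSH_MSG_USERAUTH_FAILURE

def audit_authorized_keys(authorized_keys_text, indicator_fingerprints):
    """Host-side check: fingerprints of authorized keys that appear on a list of known compromise keys."""
    return sorted(fp for fp in map(fingerprint, parse_authorized_keys(authorized_keys_text))
                  if fp in indicator_fingerprints)

def ed25519_blob(raw32):
    """Encode 32 raw bytes as an ssh-ed25519 wire blob (RFC 4253 string encoding); constructed data."""
    def ssh_string(b): return struct.pack(">I", len(b)) + b
    return base64.b64encode(ssh_string(b"ssh-ed25519") + ssh_string(raw32)).decode()

# Constructed sample data: a legitimate key and a key standing in for one planted by malware.
ADMIN_KEY = ed25519_blob(bytes(range(32)))
PLANTED_KEY = ed25519_blob(bytes([0xAB] * 32))
SAMPLE_AUTHORIZED_KEYS = f"""# constructed authorized_keys
ssh-ed25519 {ADMIN_KEY} admin@example
command="/bin/true",no-pty ssh-ed25519 {PLANTED_KEY} planted
"""
INDICATORS = {fingerprint(PLANTED_KEY)}  # constructed indicator list; in practice shared by a CERT
```

Running `audit_authorized_keys(SAMPLE_AUTHORIZED_KEYS, INDICATORS)` on a host flags the planted key by fingerprint, which is the same yes/no the remote PK_OK reply exposes.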
Bio:
Georgios Smaragdakis is a Professor of Cybersecurity at Delft University of Technology, currently appointed as a visiting Professor of Computer Science at Stanford University. He is also a researcher with the Max Planck Institute for Informatics and the Berlin Institute for the Foundations of Learning and Data. In the past, he held research positions at the MIT Computer Science and Artificial Intelligence Laboratory, the MIT Internet Policy Research Initiative, TU Berlin, Boston University, and at research labs, including Akamai, Deutsche Telekom Labs, and Telefonica Research. His research was awarded a European Research Council Starting Grant, a Marie Skłodowska-Curie International Outgoing Fellowship, Best Paper Awards at USENIX Security, ACM SIGCOMM, ACM IMC, ACM CoNEXT, IEEE INFOCOM, and several prizes, including the 2025 USENIX Internet Defense Prize, IETF/IRTF Applied Networking Research Prizes, "Best of Computer Communication Review", and Communications of the ACM Research Highlights.