DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

Ambly, the Smart Darknet Spider 

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ambly, the Smart Darknet Spider 

    Title: Ambly, the Smart Darknet Spider

    Description:
    Combating cybercriminal activity requires quick turnover time between detecting indicators of attack and moving to protect or remediate the malicious activity. Currently, investigations slow down at the bottleneck of manual labor required to identify and evaluate cyber threat intelligence before making an actionable decision. While this can be an issue on the Clearnet, it becomes a more difficult problem for analysts on the Darknet. This leaves cybersecurity analysts in a position of constant responsiveness, rather than endorsing a position of preemptive protection.

    To minimize the need for manual labor in the triage stage of cyber threat intelligence identification and preliminary evaluation on the darknet, Ambly, a smart darknet spider, is currently under development. Utilizing this tool will help identify darknet webpages containing cyber threat intelligence and produce a report ranking webpages for further human evaluation.

    Ambly is a tool designed for interacting with the Tor network, hosted by the Tor Project. By connecting to the onion routers, Ambly is able to access ‘.onion’ URLs and begin crawling while gathering information. During the development cycle for Ambly, further layers of machine-learning modules are being added, including Natural Language Processing (NLP) classifications, language identification, and leading toward further development into cyber threat intelligence identification. This is an ongoing and dynamic research endeavor with future updates eminent.
    Main Talking Points:
    - OSINT into CTI
    - Difficulties of CTI on the Darknet
    - Ambly’s current abilities for intelligence gathering.
    - The future of Ambly and Darknet CTI.

    Speaker(s): Levi

    Location: Recon Vlg

    Discord: https://discord.com/channels/7082082...33566051418193

    Event starts: 2020-08-08 13:00 (01:00 PM) PDT (UTC -07:00)

    Event ends: 2020-08-08 13:45 (01:45 PM) PDT (UTC -07:00)

    For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-05T23:34 (UTC).
    Starts
    August 8, 2020 13:00
    Ends
    August 8, 2020 13:45
    Location
    Recon Vlg
Working...
X