Security BSides London, the UK’s biggest community-driven infosec conference, is happy to announce its 8th iteration, open to all regardless of background, skill level, income or job title.
  • Doors to the main event open at 8.30am with talks starting at 9am on 5 June 2019
  • Workshops will be held on 4 June 2018 starting at 10am; pre-registration is required
Please remember that Security BSides London has a strict code of conduct available here
Tuesday, June 4 • 10:00 - 14:00
Detecting Evil with Network Traffic Analysis


What does badness look like on the wire? How can you recognize a DDoS versus an nmap scan versus remote access versus data exfiltration? Understanding network protocols (yes, RFCs!) and being able to extract artifacts from network traffic is essential in many fields: incident response, forensics, security operations; the list goes on. Recognizing the hallmarks of various types of attacks is also key. In this workshop we will walk through custom packet captures to explore examples of various types of attacks.

This workshop is designed for a variety of experience levels. We will start with the basics of TCP/IP and review how network traffic flows, then ease into the analysis part. I encourage anyone with an interest to participate. For more advanced students there will be additional questions/challenges to keep you occupied.

What you need to bring:
- A box capable of running Wireshark. More materials will be provided closer to the event.


Marcelle Lee

Marcelle is a security practitioner but also an educator at heart, and delivers many talks and workshops. Marcelle's passion lies in several areas but network traffic analysis is at the top of the list. She has delivered traffic analysis workshops at Thotcon, SkyDogCon, BSidesCharm...

Tuesday June 4, 2019 10:00 - 14:00 BST
Track 2 ILEC Conference Centre 47 Lillie Road London SW6 1UD