AI-Hunter How It Works

See How it Works

In the clips below, John Strand explains how AI-Hunter can help your company detect threats from malware.

AI-Hunter Overview

A seven-minute overview of the problem AI-Hunter solves and how it solves it. John discusses how modern backdoors communicate with their command and control (C&C) servers and the challenges of identifying backdoor traffic using classic security tools and techniques. He then dives into the unique way AI-Hunter shines a spotlight on this traffic.

DNS

It is common for attackers to use DNS as a backdoor command and control channel. However, it is very hard to detect with traditional IDS/IPS technologies.

Why? Because the data in DNS isn’t consistent enough to write a signature and the servers used are usually trusted DNS servers. See how AI-Hunter can easily detect these troublesome backdoors.

Beaconing Backdoor (VSAgent)

In this video, we walk through a proof-of-concept backdoor that almost all traditional IDS/IPS systems will not detect. It introduces the difficulty of detecting beaconing backdoors and shows how AI-Hunter can easily detect these implants.

Social Media Backdoor

Attackers are hiding even deeper in the websites you use every day – sites like Gmail, Tumblr, and Dropbox can be used as command and control servers for malware.

In this video, we show how AI-Hunter can be used to easily detect these backdoors with beaconing data size analysis.

  • John Strand is the owner of Black Hills Information Security and the co-founder of Active Countermeasures.