PEIMA - Harnessing Power Laws to Detect Malicious Activities

Explore a groundbreaking approach to detecting malicious network activities in this 25-minute Black Hat conference talk. Delve into the PEIMA (Power-law Exponent Inspection for Malicious Activity) method, which harnesses power laws to identify and mitigate various cyber threats, including Distributed Denial of Service (DDoS) attacks, intrusion attempts, and abnormal traffic patterns. Learn how this innovative technique can be applied to combat the rising challenges posed by IoT devices and sophisticated attack vectors. Gain insights into the practical implementation of PEIMA, understanding its foundations in power laws, Pareto distribution, and Zipf's law. Discover real-world applications, from detecting DoS attacks to identifying altered processes, and equip yourself with a powerful tool to enhance network security and anomaly detection capabilities.

Introduction
Denial of Service attacks
Internet of Things
What can we do
Firewall
Intrusion Detection System
Anomaly Based Detection
What is PEIMA
Power Laws
Pareto Distribution
Zips Law
Why is this interesting
DoS attacks
March of the Red crabs
Anomaly detection
Detecting altered processes
How to use PEIMA
Example
Conclusion
Questions