Smart Protection Network

Kelvin Liu
AVP, Core Tech Development
Published in: Education, Technology
  • During today’s presentation we will cover a variety of topics. We’ll start with an overview of the changing threat landscape, explain what Smart Protection Network is and does and then wrap it up with any questions you may have.
  • Smart Protection Network

    1. Smart Protection Network
       Kelvin Liu, AVP, Core Tech Development
    2. Evolving Threat Landscape
       - Malware is multiplying
       - Malware is sophisticated
       - Malware is profit driven
       Chart labels: Complexity; Web; Botnets; Spyware; Spam; Worms
       Malware is getting increasingly dangerous and harder to detect.
       Copyright 2008 - Trend Micro Inc.
    3. Example: Conficker / Downadup
       - User receives a spam mail
       - User opens the mail, then automatically downloads a file
       - Connects to various websites, downloads other malicious files
       - The file registers itself as a system service
       - Monitors the Internet browser's address bar
       - Blocks access to certain websites
       Internal - Confidential. Copyright 2009 - Trend Micro Inc.
    4. Smart Protection Network against Conficker
       Community Intelligence:
       - Many clients' processes are dropping similar filenames in a short time
       - Many clients access or modify the same system file in a short time
       - Many clients accessed similar/same registry keys in a short time
       Diagram labels: Customer Feedback Log; Incident Trigger; Correlation; Monitor; Immediate Protection; File Reputation; Web Reputation; Email Reputation; Smart Protection Network
       Correlate to figure out where the threat comes from and where it would connect to:

       File            Score   From                        Connect to
       Crypt.NS.Gen    X       129.24.11.3/aexjiire/       Euwl.tsst.com:88/e34jg/
       Dropper.Gen     X       Ndj.sexadult.com/ssr/ee     112.42.5.112:80/
       Nqe.exe         V       www.xyz.com                 www.abc.com
       Conflicker_D    X       qd.wqwwor.com/om            nadasm0.info:80/bugsy
       Conflicker_D    X       Fdjhg.wopqfe.com            7f7fewf.cn:80/sina/

       Internal - Confidential. Feb 2009.
    5. Smart Protection Network against Conficker
       Threat Intelligence
       Diagram labels: Incident Trigger; Correlation; Monitor; Immediate Protection; File Reputation; Web Reputation; Email Reputation
       Domain / Name Server / IP / Register's Email Correlation to build up a Spider Network
    6. Smart Protection Network against Conficker
       Threat Intelligence
       Diagram labels: Incident Trigger; Correlation; Monitor; Immediate Protection; File Reputation; Web Reputation; Email Reputation
       Domain / Name Server / IP / Register's Email Correlation to build up a Spider Network
    7. What & How Trend Micro use Cloud Computing
       Diagram labels: HTTP; DNS; FTP; Monitor; Incident Trigger; Correlation; Correlation; Clustering; Analyzer; Clawer; MapReduce; Data Processing; Tracking System; Hadoop (HBASE / Meta Data); Data Archive; Message Routing framework; Hadoop (HDFS); Infrastructure; Virtualization; Operating system; OS; Server Farm; Smart Protection Network
    8. Why Smart Protection Network
       - Time to Protect: Immediate Protection; Early Warning
       - Threat Intelligence: Threat Lifecycle Management
       - Less Complexity: Lightweight Clients; Less Memory Usage
       - Reduce Cost: Reduce Downtime Costs; Reduce Hardware Costs
    9. Copyright 2009 - Trend Micro Inc.
    10. Thank You
        Sales hotline: (02) 2378-2666
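
The community-intelligence trigger on slide 4 (many clients reporting the same file or registry artifact in a short time) can be sketched as a sliding-window correlation over client feedback events. This is an added example, not Trend Micro's code; the event format, the window, the client threshold and every sample value are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
import ntpath

WINDOW_SECONDS = 300   # assumed "short time" window; the slide gives no figure
MIN_CLIENTS = 3        # assumed threshold of distinct reporting clients

def normalize(kind, artifact):
    """Reduce an artifact to a key that is comparable across clients."""
    artifact = artifact.lower()
    # Directories differ per client, so file events are compared by file name only.
    if kind in ("file_drop", "file_modify"):
        return ntpath.basename(artifact)
    return artifact

def correlate(events, window=WINDOW_SECONDS, min_clients=MIN_CLIENTS):
    """Return {(kind, key): first_trigger_time} for artifacts reported by at
    least `min_clients` distinct clients within `window` seconds.
    `events` is an iterable of (timestamp, client_id, kind, artifact)."""
    recent = defaultdict(deque)   # (kind, key) -> deque of (timestamp, client_id)
    triggers = {}
    for ts, client, kind, artifact in sorted(events):
        key = (kind, normalize(kind, artifact))
        q = recent[key]
        q.append((ts, client))
        while q and ts - q[0][0] > window:   # expire reports older than the window
            q.popleft()
        # Count distinct clients so one noisy endpoint cannot raise an incident alone.
        if key not in triggers and len({c for _, c in q}) >= min_clients:
            triggers[key] = ts
    return triggers

# Constructed feedback-log sample (not real telemetry):
# (time in seconds, client id, event kind, artifact)
SAMPLE_EVENTS = [
    (0,   "client-a", "file_drop",  r"C:\Windows\System32\qzkxw.dll"),
    (40,  "client-b", "file_drop",  r"C:\WINDOWS\system32\QZKXW.DLL"),
    (45,  "client-b", "file_drop",  r"C:\Temp\qzkxw.dll"),        # same client again
    (90,  "client-c", "file_drop",  r"D:\Users\x\qzkxw.dll"),
    (10,  "client-a", "reg_access", r"HKLM\SYSTEM\CurrentControlSet\Services\example_svc"),
    (900, "client-b", "reg_access", r"HKLM\SYSTEM\CurrentControlSet\Services\example_svc"),
    (950, "client-c", "reg_access", r"hklm\system\currentcontrolset\services\example_svc"),
    (20,  "client-d", "file_drop",  r"C:\Users\d\report.docx"),   # one client only
]

if __name__ == "__main__":
    for (kind, key), ts in correlate(SAMPLE_EVENTS).items():
        print(f"incident trigger: {kind} {key!r} at t={ts}")
```

With the assumed defaults only the dropped file crosses the threshold; the registry reports are spread over more than five minutes and the document is seen on a single client.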