Patrick Kuo is a threat researcher and hunting system operator for TXOne Networks. He focused on big data analysis, threat hunting engine building and threat hunting system development. For big data analysis, Patrick has focused on monitoring and classifying malicious payloads from big data, and then analyzing the correctness and uniqueness of these payloads. For the threat hunting engine, Patrick focused on building, integrating, refactoring and improving the engine to improve its ability to hunt malicious attacks and payloads. For the threat hunting system, Patrick focused on creating complete and adjustable infrastructure to process and analyze large amounts of data flow in real time.
This talk will share how we built an automated large-scale IoT threat hunting system, and will take a deep look at the overall threat situation and trends compiled from six target examples in the past year.