Lancope's Tom Cross to Present Poster on Malicious Botnet Behaviors at VizSec 2013

Poster uses visualizations to differentiate botnet command-and-control behavior from legitimate network traffic

Oct 07, 2013, 10:36 ET from Lancope, Inc.

ATLANTA, Oct. 7, 2013 /PRNewswire/ -- Lancope, Inc., a leader in network visibility and security intelligence, announces that its Director of Security Research, Tom Cross, will present a poster at Visualization for Cyber Security (VizSec) 2013 in Atlanta, GA on Monday, October 14. The poster will include visualizations of the command-and-control channels of nearly two million botnet samples in an effort to help foster a better understanding of how botnets operate, and more effectively differentiate them from legitimate network traffic. The poster was created as a result of data analysis conducted by Lancope's StealthWatch® Labs research team.

"Every year, attackers infect millions of computer systems with botnet software designed to steal information or launch other attacks," said Cross. "Botnet data can be challenging to analyze because there are so many variants out there. Through visual representations of the data, we have been able to see clear differences between the network traffic generated by these botnets and legitimate network activity. We hope that exploring this data will lead to new insights that will better enable us to detect and eliminate botnets."


Tom Cross, Director of Security Research, Lancope, Inc.                                       


Poster – "Visual Investigations of Botnet Command-and-Control Behavior"


Monday, Oct. 14, 2013


VizSec 2013, Atlanta Marriott Marquis Hotel, Atlanta, GA


The Lancope poster features data from nearly two million unique botnet malware samples that were active between 2010 and 2012. Lancope's StealthWatch Labs is continuously analyzing attack activity in the wild to build better protection for Lancope customers. By collecting and analyzing flow data from existing infrastructure, the Lancope StealthWatch System provides
in-depth network visibility and security intelligence for fending off a wide range of attacks including botnets, DDoS, zero-day malware, APTs and insider threats.

VizSec 2013 will bring together researchers and practitioners from academia, government and industry to address the various needs of the cyber security community through new and interesting visualization and analysis techniques. It is being held in conjunction with the IEEE VIS 2013 conference. After the conference, the Lancope poster and abstract will be available from the VizSec web site at:

Further details on detecting botnets within the network can be found here:

About Lancope
Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today's top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope's StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope's security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team. For more information, visit

©2013 Lancope, Inc. All rights reserved. Lancope, StealthWatch, and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners.

SOURCE Lancope, Inc.