Rohyt Belani
April 25, 2005
Presentation Title: Trends in Real World Attacks: A Compilation of Case Studies
Presentation Details:
The number of reported security incidents has always been proportional to the number of vendor-issued vulnerabilities. However, recently this trend seems to have broken. This can be attributed to an increase in attacks against custom applications, attacks targeting end-users, zero-day exploits, and self-propagating worms. This presentation will discuss such trend-breaking real world attacks ranging from the installation of keystroke-logging Trojans on end-user machines through an IE buffer overflow to attacks against wireless clients. Each case study will discuss the motivation of the attack, an overview of the underlying technical details and its impact on business.
About Rohyt:
Rohyt Belani is a Director with Red Cliff Consulting. His expertise encompasses the areas of wireless security, application security and incident response. Rohyt is also an experienced and talented instructor of technical security education courses.
Prior to joining Red Cliff, Mr. Belani was a Principal Consultant at Foundstone. Earlier in his career, he was a Research Group Member for the Networked Systems Survivability Group at the Computer Emergency Response Team (CERT).
Mr. Belani is a frequent author of articles for SecurityFocus, a reputed information security portal. He is also a contributing author for the Osborne publication, Hack Notes – Network Security. Rohyt is a regular speaker at various industry conferences and forums like OWASP, HTCIA, FBI-Cyber Security Summit, HP World, New York State Cyber Security Conference and HackInTheBox-Malaysia. Additionally, he has presented at several Institute of Electrical and Electronics Engineers (IEEE) and Association for Computing Machinery (ACM) -sponsored conferences on the topics of fault-tolerant distributed systems, wireless networks, and advanced network simulation.
Mr. Belani holds a Bachelor of Engineering in Computer Engineering from Bombay University and a Master of Science in Information Networking from Carnegie Mellon University. He is a Certified Information Systems Security Professional (CISSP).