Presentation is loading. Please wait.

Presentation is loading. Please wait.

Smart Protection Network Kelvin Liu AVP, Core Tech Development.

Published byMiles Weaver Modified over 9 years ago

Similar presentations

Presentation on theme: "Smart Protection Network Kelvin Liu AVP, Core Tech Development."— Presentation transcript:

1 Smart Protection Network Kelvin Liu AVP, Core Tech Development

2 Copyright 2008 - Trend Micro Inc. Malware is multiplying Malware is sophisticated Malware is profit driven Spam Spyware Botnets Complexity Worms Web Evolving Threat Landscape Malware is getting increasingly dangerous and harder to detect.

3 Copyright 2009 - Trend Micro Inc. Internal - Confidential Example : Conficker / Downadup Internet User receive a spam mail User open the mail then automatically download a file The file register itself as a system service Monitor the Internet browser’s address bar Block access to certain websites Connect to various websites, download other malicious files

4 Copyright 2009 - Trend Micro Inc. Feb 2009 Internal - Confidential Smart Protection Network against Conficker Incident Trigger Email Reputation Web Reputation File Reputation Monitor Many clients’ processes are dropping similar filenames in a short time Many clients access or modify the same system file in a short time Many clients accessed similar/same registry keys in a short time Community Intelligence Smart Protection Network Correlate to figure out where the threat come from & where it would connect to Correlate to figure out where the threat come from & where it would connect to FileScore FromConnect to Crypt.NS.GenX129.24.11.3/aexjiire/Euwl.tsst.com:88/e34jg/ Dropper.GenXNdj.sexadult.com/ssr/ee112.42.5.112:80/ Nqe.exeVwww.xyz.comwww.abc.com Conflicker_DXqd.wqwwor.com/omnadasm0.info:80/bugsy Conflicker_DXFdjhg.wopqfe.com7f7fewf.cn:80/sina/ Correlation Customer Feedback Log Immediate Protection

5 Copyright 2009 - Trend Micro Inc. Incident Trigger Email Reputation Web Reputation File Reputation Monitor Correlation Feb 2009 Smart Protection Network against Conficker Domain / Name Server / IP / Register’s Email Correlation to build up a Spider Network Threat Intelligence Correlation Immediate Protection

6 Copyright 2009 - Trend Micro Inc. Email Reputation Web Reputation File Reputation Incident Trigger Monitor Correlation Feb 2009 Smart Protection Network against Conficker Domain / Name Server / IP / Register’s Email Correlation to build up a Spider Network Threat Intelligence Correlation Immediate Protection

7 Copyright 2009 - Trend Micro Inc. What & How Trend Micro use Cloud Computing Feb 2009 Internal - Confidential OS Server Farm Smart Protection Network Tracking System Hadoop ( HBASE / Meta Data ) Virtualization Hadoop (HDFS) Message Routing framework MapReduce Clustering Clawer Analyzer Monitor Incident Trigger Correlation HTTP DNS FTP Operating system Infrastructure Data Archive Data Processing Correlation

8 Copyright 2009 - Trend Micro Inc. Feb 2009 Internal - Confidential Why Smart Protection Network Time to Protect Less Complexity Threat Intelligence Reduce Cost Immediate Protection Early Warning Immediate Protection Early Warning Lightweight Clients Less Memory Usage Lightweight Clients Less Memory Usage Reduce Downtime Costs Reduce Hardware Costs Reduce Downtime Costs Reduce Hardware Costs Threat Lifecycle Management

9 Copyright 2009 - Trend Micro Inc.

10 Thank You 業務專線 : (02) 2378-2666

Download ppt "Smart Protection Network Kelvin Liu AVP, Core Tech Development."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Copyright 2010 Trend Micro Inc. Cloud – Risques ou Opportunités Luis Delabarre – Solutions Architect.

Copyright 2010 Trend Micro Inc. Cloud – Risques ou Opportunités Luis Delabarre – Solutions Architect.
A look into Bullet Proof Hosting November 2014 - DefCamp 5 Silviu Sofronie – Head of Forensics

A look into Bullet Proof Hosting November DefCamp 5 Silviu Sofronie – Head of Forensics
SPAM/BOTNETS and Malware  Neil Warner, CIO, GoDaddy.com  Moderator: Dan Kaplan, deputy editor, SC Magazine.

SPAM/BOTNETS and Malware  Neil Warner, CIO, GoDaddy.com  Moderator: Dan Kaplan, deputy editor, SC Magazine.
Copyright 2012 Trend Micro Inc. Raimund Genes, CTO Innovation In Cloud Security.

Copyright 2012 Trend Micro Inc. Raimund Genes, CTO Innovation In Cloud Security.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.
Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
Content  Overview of Computer Networks (Wireless and Wired)  IP Address, MAC Address and Workgroups  LAN Setup and Creating Workgroup  Concept on.

Content  Overview of Computer Networks (Wireless and Wired)  IP Address, MAC Address and Workgroups  LAN Setup and Creating Workgroup  Concept on.
Threats To A Computer Network

Threats To A Computer Network
BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.

BotMiner Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee College of Computing, Georgia Institute of Technology.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
LittleOrange Internet Security an Endpoint Security Appliance.

LittleOrange Internet Security an Endpoint Security Appliance.
COMPUTER TERMS PART 2. NETWORK When you have two or more computers connected to each other, you have a network. The purpose of a network is to enable.

COMPUTER TERMS PART 2. NETWORK When you have two or more computers connected to each other, you have a network. The purpose of a network is to enable.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
Trend Micro Deployment Kelvin Hwang IT Services University of Windsor.

Trend Micro Deployment Kelvin Hwang IT Services University of Windsor.
The internet and the WWW

The internet and the WWW
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.

Similar presentations

Ads by Google