Olivier Thonnard
Researcher at Symantec
Publications - 59
Citations - 1181
Olivier Thonnard is an academic researcher from Symantec. The author has contributed to research in topics: The Internet & Cluster analysis. The author has an h-index of 19, co-authored 57 publications receiving 1061 citations. Previous affiliations of Olivier Thonnard include University of Lisbon & Institut Eurécom.
Papers
Journal Article
A framework for attack patterns' discovery in honeynet data
Olivier Thonnard, Marc Dacier +1 more
TL;DR: This work describes an analysis framework specifically developed to gain insights into honeynet data, and shows that clustering attack patterns with an appropriate similarity measure provides very good candidates for further in-depth investigation, which can help to discover the plausible root causes of the underlying phenomena.
Book Chapter
An analysis of rogue AV campaigns
TL;DR: A longitudinal analysis of the rogue antivirus threat ecosystem, focusing on the structure and dynamics of this threat and its economics, is presented, using a large dataset of characteristics of rogue antivirus domains and of the servers that host them.
Proceedings Article
Mind Your Blocks: On the Stealthiness of Malicious BGP Hijacks
TL;DR: This paper analyses 18 months of data collected by an infrastructure specifically built to answer the question: are intentional stealthy BGP hijacks routinely taking place in the Internet? The identification of what the authors believe to be more than 2,000 malicious hijacks leads to a positive answer.
Book Chapter
Industrial espionage and targeted attacks: understanding the characteristics of an escalating threat
TL;DR: An in-depth analysis of a large corpus of targeted attacks identified by Symantec during the year 2011 is provided, showing that at least eight attack campaigns started about two weeks before the disclosure date of the exploited vulnerabilities, and therefore were probably using zero-day attacks at that time.
Book Chapter
That Ain't You: Blocking Spearphishing Through Behavioral Modelling
TL;DR: This work proposes a change of focus in the techniques that are used for detecting malicious emails: instead of looking for features that are indicative of attack emails, the authors look for emails that claim to have been written by a certain person within a company, but were actually authored by an attacker.