Profiling hackers: real data, real experiences, wrong myths



Imagine being able to preview an attacker's next move based on the traces left on compromised machines. That's the aim of the Hacker's Profiling Project (HPP), an open methodology that hopes to enable analysts to work on the data (logs, rootkits and any code) left by intruders from a different point of view, providing them with a profiling methodology that will identify the kind of attacker and therefore his modus operandi and potential targets.

This paper will cover the following:

  • InfoSec - Information Security - what does it mean?
  • Cybercrime: how history can help us
  • Profiling the enemy: looking into the hacker's world
  • HPP: the Hacker's Profiling Project
  • What has changed?
  • References & books you should read

