William Robinet
William manages the technical team behind AS197692 at Conostix S.A. in Luxembourg. He’s been working in cybersecurity using free and opensource software on a daily basis for more than 25 years. Recently, he presented his work on SSL/TLS toolkits at Nullcon 2025 in Goa and Hack.lu 2025 in Luxembourg. He contributed to the cleanup and enhancement efforts done on ssldump lately. He particularly enjoys tinkering with open (and not so open) hardware. Currently he likes playing around with new tools in the current ML scene, building, hopefully, useful systems for fun and, maybe, profit. When not behind an intelligent wannabe machine, he's doing analog music with his band of humans.
Session
Nowadays, the detection of generic mass-scale phishing attacks is quite
effective. Techniques that leverage indicators of compromise (IOCs) collection
and sharing tools, such as MISP (the Open Source Threat Intelligence Sharing
Platform), are well established and give good results in the field. However,
detection of targeted attack attempts aka spear-phishing, is much more
challenging because the attackers exploit contextual information about the
targets they aim for.
By using up-to-date, relevant and precise information about the inner
operations of the targeted company, attackers can make their deception far more
effective.
SPOT makes use of state-of-the-art natural language
processing (NLP) techniques based on machine learning (ML) and large language
models (LLMs) in particular to try to detect and prevent spear-phishing
attack attempts.
This opensource project was co-financed by the LU-CID initiative by the Ministry
of Economy Luxembourg.