About Thibault Reuille

Thibault Reuille is a security researcher at OpenDNS and creator of OpenGraphiti, an open-source 3D data visualization engine. Prior to OpenDNS, he was a software engineer for Nvidia, where he helped develop the Nvidia Parallel Nsight integrated development environment for GPU computing and graphics applications. Thibault holds a Master’s in information technology from the EPITA in Paris. He has presented at many information security events, including Virus Bulletin, BlackHat, CanSecWest, BayThreat, Defcon, BSides SF, and the NASA Ames Cyber Security Turbo Talks.

Posts by Thibault Reuille:

BlackHat Asia 2016: OpenDNS Labs Travels to Singapore to Talk About Real-Time Detection Techniques

This past March OpenDNS Labs had the privilege of presenting at BlackHat Asia 2016, hosted at the Marina Bay Sands in Singapore. At the conference our team got to present some of the cool data science and data engineering research that we are working on at OpenDNS Labs. This was one of the more technical conferences we have attended, and it was exciting to see a mix of very talented info sec folks from all over the world.

At the conference, ...

FloCon 2016 Recap

Last week, OpenDNS Research Labs attended FloCon 2016 where we presented two talks showcasing our latest work in threat research and development. First, Jeremiah O’Connor and Thibault Reuille presented “The Security Wolf of Wall Street: Fighting Crime with High-Frequency Classification and Natural Language Processing”. The talk was well received, and Thibault and Jeremiah enjoyed getting some great technical questions from the audience, which gave us some more fuel to go back and improve our system.

Then Dhia Mahjoub and Thomas ...

The Avalanche Project: When High Frequency Trading Meets Traffic Classification

One of the key challenges for OpenDNS (now part of Cisco) is handling a massive amount of DNS queries and simultaneously running classification models on them as fast as possible. Today, we’re going to talk about Avalanche, a real-time data processing framework currently used in our research cluster.

First, we have to run some numbers to evaluate the amplitude of our requirements and make smart architecture design decisions. Second, we will assess some similarities with other technical fields (such as quantitative ...

Phishing, Spiking, and Bad Hosting

At OpenDNS Labs we have developed a number of predictive models to hunt down evil on the Internet. We have discussed in previous blogs and conferences our algorithms NLPRank [1][2][3], Spike detector [4][5][6], and malicious IP space/rogue host detectors [7][8](section 14)[9][10][11][12][13][14][15].

In this blog we will discuss how we integrate all of these detection models to improve detection coverage of current threats and walk through a few interesting examples.

Phishing and Spikes

One of the recent samples we have found was a Facebook phishing campaign that was surfaced by our real-time alert system. Our ...

BSides Las Vegas, Black Hat, and Defcon Wrap-up

For OpenDNS, the first week of August was fun but also busy. A group of us OpenDNS researchers and engineers headed to Las Vegas for BSides Las Vegas, Black Hat, and Defcon. We gave talks, attended sessions, met with prospects and customers, and caught up with infosec friends.

This blog post details some of the insights from those who attended.

Insights from Andrew Hess

At BSides Las Vegas, Andrew Hess gave a short presentation about an internal feature the OpenDNS engineering team has constructed, and ...