Results 1 - 10 of 318
SplitScreen: Enabling Efficient, Distributed Malware Detection
"... We present the design and implementation of a novel anti-malware system called SplitScreen. SplitScreen performs an additional screening step prior to the signature matching phase found in existing approaches. The screening step filters out most non-infected files (90%) and also identifies malware s ..."
Cited by 14 (6 self)
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection
"... Botnets are now the key platform for many Internet attacks, such as spam, distributed denial-of-service (DDoS), identity theft, and phishing. Most of the current botnet detection approaches work only on specific botnet command and control (C&C) protocols (e.g., IRC) and structures (e.g., central ..."
Cited by 200 (14 self)
On Challenges in Evaluating Malware Clustering
, 2007
"... Abstract. Malware clustering and classification are important tools that enable analysts to prioritize their malware analysis efforts. The recent emergence of fully automated methods for malware clustering and classification that report high accuracy suggests that this problem may largely be solved. ..."
Cited by 14 (0 self)
Measuring Pay-per-Install: The Commoditization of Malware Distribution
"... Recent years have seen extensive diversification of the “underground economy” associated with malware and the subversion of Internet-connected systems. This trend towards specialization has compelling forces driving it: miscreants readily apprehend that tackling the entire value-chain from malwar ..."
-fection of victims' systems. In this work we perform a measurement study of the PPI market by infiltrating four PPI services. We develop infrastructure that enables us to interact with PPI services and gather and classify the resulting malware executables distributed by the services. Using our infrastructure, we
MalwareMonitor: An SDN-based Framework for Securing Large Networks
"... Large high-speed networks such as in campuses and enterprises teem with malware infections; current solutions are either incapable of coping with the high data rates, or lacking in effective and speedy threat detection and mitigation. This work presents an early architecture for MalwareMonitor, a ..."
Cited by 1 (0 self)
Monitor, a security framework that leverages SDN technology to address these limitations. We propose elastically partitioning network traffic to enable distributing detection load across a range of detectors; further, a centralized SDN controller allows for network-wide threat correlation as well as speedy
Systematic Mining of Associated Server Herds for Malware Campaign Discovery
"... Abstract—HTTP is a popular channel for malware to communicate with malicious servers (e.g., Command & Control, drive-by download, drop-zone), as well as to attack benign servers. By utilizing HTTP requests, malware easily disguises itself under a large amount of benign HTTP traffic. Thus, iden- ..."
-tifying malicious HTTP activities is challenging. We leverage an insight that cyber criminals are increasingly using dynamic malicious infrastructures with multiple servers to be efficient and anonymous in (i) malware distribution (using redirectors and exploit servers), (ii) control (using C&C servers
MutantX-S: Scalable Malware Clustering Based on Static Features
"... The current lack of automatic and speedy labeling of a large number (thousands) of malware samples seen everyday delays the distribution of malware signatures, leading to a low detection rate of new malware samples in the wild. In this paper, we design, implement and evaluate a novel, scalable frame ..."
Cited by 2 (0 self)
Triggercast: Enabling Wireless Collisions Constructive
"... Abstract—It is generally considered that concurrent transmissions should be avoided in order to reduce collisions in wireless sensor networks. Constructive interference (CI) envisions concurrent transmissions to positively interfere at the receiver. CI potentially allows orders of magnitude reducti ..."
reductions in energy consumptions and improvements on link quality. In this paper, we theoretically introduce a sufficient condition to construct CI with IEEE 802.15.4 radio for the first time. Moreover, we propose Triggercast, a distributed middleware, and show it is feasible to generate CI in TMote Sky
TriggerCast: Enabling Wireless Constructive Collisions
"... Abstract—Constructive Interference (CI) proposed in the existing work (e.g., A-MAC [1], Glossy [2]) may degrade the packet reception performance in terms of Packet Reception Ratio (PRR) and Received Signal Strength Indication (RSSI). The packet reception performance of a set of nodes transmitting ..."
Cyberprobe: Towards internet-scale active detection of malicious servers
- In Network and Distributed System Security Symposium, 2014
"... Abstract—Cybercriminals use different types of geographically distributed servers to run their operations such as C&C servers for managing their malware, exploit servers to distribute the malware, payment servers for monetization, and redirectors for anonymity. Identifying the server infrastruc ..."
Cited by 3 (2 self)