Video files and multistage attacks: (Im)possible?

Authors: Hiran V Nath, B M Mehtre

DOI: 10.1109/INDICON.2014.7030520

Abstract: It is a general belief that executable creates more security risk than any other file types. So most of host based as well network systems are not programmed to detect threats in non-executable files. These files include images, movies and document like office or pdf. Moreover, the very huge size, which prevents these scanners from scanning files, since it will take processing power delays mission critical process. But constantly used by all users. users may be naive professional much important for us understand whether could system not. In recent breaches, attackers focusing on usage initiate Advanced Persistent Threats (APTs) multistage attacks. this paper, we analyzing video file, downloaded popular torrent website. Finally, extracting malicious content embedded into it. After analyzing, have found contains link through another gets machine. This considered first stage attack. initiating targeted attacks victim's interest. Here also coming conclusion totally new method compromise system. paper explaining one followed attacker. aim attacker was infect machines with an adware.

References (6)
Hiran V. Nath, Babu M. Mehtre, "Static Malware Analysis Using Machine Learning Methods," International Conference on Security in Computer Networks and Distributed Systems, pp. 440-450 (2014), 10.1007/978-3-642-54525-2_39
Marco Balduzzi, Vincenzo Ciangaglini, Robert McArdle, "Targeted attacks detection with SPuNge," conference on privacy, security and trust, pp. 185-194 (2013), 10.1109/PST.2013.6596053
Boldizsár Bencsáth, Gábor Pék, Levente Buttyán, Márk Félegyházi, "The Cousins of Stuxnet: Duqu, Flame, and Gauss," Future Internet, vol. 4, pp. 971-1003 (2012), 10.3390/FI4040971
Frankie Li, Anthony Lai, Ddl Ddl, "Evidence of Advanced Persistent Threat: A case study of malware for political espionage," international conference on malicious and unwanted software, pp. 102-109 (2011), 10.1109/MALWARE.2011.6112333
David D. Clark, Susan Landau, "The problem isn't attribution: it's multi-stage attacks," Proceedings of the Re-Architecting the Internet Workshop, pp. 11- (2010), 10.1145/1921233.1921247
David Raymond, Gregory Conti, Robert Fanelli, Tom Cross, "A control measure framework to limit collateral damage and propagation of cyber weapons," international conference on cyber conflict, pp. 1-16 (2013)