Ghost turns zombie: exploring the life cycle of web-based malware

Authors: Michalis Polychronakis, Panayiotis Mavrommatis, Niels Provos

Abstract: While the web provides information and services that enrich our lives in many ways, it has also become the primary vehicle for delivering malware. Once infected with web-based malware, an unsuspecting user's machine is converted into a productive member of the Internet underground. In this work, we explore the life cycle of web-based malware by employing light-weight responders to capture the network profile of infected machines. Our results indicate that web-based malware is a cornerstone of large scale electronic fraud. It is used to exfiltrate address books from compromised machines, creating databases with hundreds of millions of email addresses, to form spamming botnets responsible for a significant fraction of the spam currently seen on the Internet, and to steal login credentials that can be directly monetized or leveraged to turn more servers into delivery vectors. We support our findings by providing a broad overview of post-infection behavior as well as in-depth examinations of leaked information found during the course of our study.
