Lens on the Endpoint: Hunting for Malicious Software Through Endpoint Data Analysis

Authors: Ahmet Salih Buyukkayhan, Alina Oprea, Zhou Li, William Robertson

DOI: 10.1007/978-3-319-66332-6_4

Keywords:

Abstract: Organizations are facing an increasing number of criminal threats ranging from opportunistic malware to more advanced targeted attacks. While various security technologies are available to protect organizations' perimeters, many breaches still lead to undesired consequences such as loss of proprietary information, financial burden, and reputation damage. Recently, endpoint monitoring agents that inspect system-level activities on user machines have started to gain traction and be deployed in the industry as an additional defense layer. Their application, though, is in most cases limited to forensic investigation to determine the root cause of an incident.
