| Presentation | 2009-07-03 Investigation about Malware Distribution to Websites Takeshi YAGI, Naoto TANIMOTO, Masaki HAMADA, Mitsutaka ITOH, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | This paper reports the actual situation of malware distribution to websites by constructing web honeynets, which carries vulnerable web applications. Recently, a large number of websites are used by attackers as hopping sites to attack other websites and user terminals. To make hopping sites, many attackers make victims download malware themselves by using vulnerabilities in web applications. To protect websites from these attacks, conventional technologies filter accesses from attackers by using signatures, which are generated by analyzing vulnerabilities in web applications. However, to improve accuracy of signatures, vulnerabilities in all web applications should be analyzed. In this paper, we investigated characteristics of attacks which can be identified more efficient than access pattern of attackers. Our investigation reveals that destinations of malware download requests works well for detection of attacks. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | security / web honeynets / web honeypot / malware / remote file inclusion |
| Paper # | ISEC2009-32,SITE2009-24,ICSS2009-46 |
| Date of Issue |
| Conference Information | |
| Committee | SITE |
|---|---|
| Conference Date | 2009/6/25(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Social Implications of Technology and Information Ethics (SITE) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Investigation about Malware Distribution to Websites |
| Sub Title (in English) | |
| Keyword(1) | security |
| Keyword(2) | web honeynets |
| Keyword(3) | web honeypot |
| Keyword(4) | malware |
| Keyword(5) | remote file inclusion |
| 1st Author's Name | Takeshi YAGI |
| 1st Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation() |
| 2nd Author's Name | Naoto TANIMOTO |
| 2nd Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation |
| 3rd Author's Name | Masaki HAMADA |
| 3rd Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation |
| 4th Author's Name | Mitsutaka ITOH |
| 4th Author's Affiliation | NTT Information Sharing Platform Laboratories, NTT Corporation |
| Date | 2009-07-03 |
| Paper # | ISEC2009-32,SITE2009-24,ICSS2009-46 |
| Volume (vol) | vol.109 |
| Number (no) | 114 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |