Presentation | 2010-07-01 Evaluating Detected Hosts of Malware Based on Search Engine Results Kazufumi AOKI, Mitsuaki AKIYAMA, Makoto IWAMURA, Mitsutaka ITOH, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Malware dynamic analysis using isolated environment couldn't obtain enough results because existing malwares (e.g., Bots and Downloaders) require access to the internet. Since internet traffic sent by malware includes some attacks, it is necessary to determine if the destination is a C&C server or malware download site and only allow connection to these severs. In this paper, we use search engine to obtain backlink for evaluating the destination extracted by malware dynamic analysis. As a result, we found that backlinks of C&C server and malware download sites are lower than legitimate sites. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Malware / Dynamic Analysis / Search Engine |
Paper # | ISEC2010-18,SITE2010-14,ICSS2010-24 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2010/6/24(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Evaluating Detected Hosts of Malware Based on Search Engine Results |
Sub Title (in English) | |
Keyword(1) | Malware |
Keyword(2) | Dynamic Analysis |
Keyword(3) | Search Engine |
1st Author's Name | Kazufumi AOKI |
1st Author's Affiliation | NTT Information Sharing Platform Laboratories() |
2nd Author's Name | Mitsuaki AKIYAMA |
2nd Author's Affiliation | NTT Information Sharing Platform Laboratories |
3rd Author's Name | Makoto IWAMURA |
3rd Author's Affiliation | NTT Information Sharing Platform Laboratories |
4th Author's Name | Mitsutaka ITOH |
4th Author's Affiliation | NTT Information Sharing Platform Laboratories |
Date | 2010-07-01 |
Paper # | ISEC2010-18,SITE2010-14,ICSS2010-24 |
Volume (vol) | vol.110 |
Number (no) | 113 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |