Presentation | 2013-03-25 Network-based classification of remote exploit attacks focusing on UUID Yusuke TAKAHASHI, Masaki KAMIZONO, Yuji HOSHIZAWA, Katsunari YOSHIOKA, Tsutomu MATSUMOTO, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | Remote exploit attacks, which target vulnerabilities of network services, is the class of most common attacks utilized in cyber attacks. In particular, Windows file sharing services have contained a series of vulnerabilities, which have been exploited by many malware. Because various services are sharing the same port numbers for file sharing, it is difficult to identify the targeted vulnerabilities at network level. In this study, we propose a network-based classification method for remote exploit attacks by focusing on UUID, which is used by the file sharing services to identify the intended service, observed in the attack traffic. By conducting experiments with in-the-wild malware samples and honeypot traffics, we show that we can provide better classification of such network attacks. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Remote Exploit Attack / Shellcode Analysis / File Sharing Service / Vulnerability Identification |
Paper # | ICSS2012-65 |
Date of Issue |
Conference Information | |
Committee | ICSS |
---|---|
Conference Date | 2013/3/18(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information and Communication System Security (ICSS) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Network-based classification of remote exploit attacks focusing on UUID |
Sub Title (in English) | |
Keyword(1) | Remote Exploit Attack |
Keyword(2) | Shellcode Analysis |
Keyword(3) | File Sharing Service |
Keyword(4) | Vulnerability Identification |
1st Author's Name | Yusuke TAKAHASHI |
1st Author's Affiliation | Yokohama National University() |
2nd Author's Name | Masaki KAMIZONO |
2nd Author's Affiliation | SecureBrain Corporation |
3rd Author's Name | Yuji HOSHIZAWA |
3rd Author's Affiliation | Yokohama National University:SecureBrain Corporation |
4th Author's Name | Katsunari YOSHIOKA |
4th Author's Affiliation | Yokohama National University |
5th Author's Name | Tsutomu MATSUMOTO |
5th Author's Affiliation | Yokohama National University |
Date | 2013-03-25 |
Paper # | ICSS2012-65 |
Volume (vol) | vol.112 |
Number (no) | 499 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |