论文信息 - Practical Problems of Internet Threats Analyses

Practical Problems of Internet Threats Analyses

As the functional complexity of the malicious software increases, their analyses faces new problems. The paper presents these aspects in the context of automatic analyses of Internet threats observed with the HoneyPot technology. The problems were identified based on the experience gained from the analyses of exploits and malware using the dedicated infrastructure deployed in the network of the Institute of Computer Science at Warsaw University of Technology. They are discussed on the background of the real-life case of a recent worm targeting Network Attached Storage (NAS) devices vulnerability. The paper describes the methodology and data analysis supporting systems as well as the concept of general and custom HoneyPots used in the research.

Krzysztof Cabaj | Piotr Gawkowski | Konrad Grochowski

[1] Krzysztof Cabaj,et al. Exploring the Space of System Monitoring , 2013, Intelligent Tools for Building a Scientific Information Platform.

[2] Barry E. Mullins,et al. Evaluation of the ability of the Shodan search engine to identify Internet-facing industrial control devices , 2014, Int. J. Crit. Infrastructure Prot..

[3] Krzysztof Cabaj,et al. HoneyPot systems in practice , 2015 .

[4] Ross J. Anderson. Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[5] P. Gawkowski,et al. Checking of fault susceptibility of cryptographic algorithms , 2009 .

[6] Krzysztof Cabaj,et al. Management and Analytical Software for Data Gathered from HoneyPot System , 2013 .

[7] Jian Xu,et al. A similarity metric method of obfuscated malware using function-call graph , 2012, Journal of Computer Virology and Hacking Techniques.

[8] Hiroshi Fujinoki,et al. A Survey: Recent Advances and Future Trends in Honeypot Research , 2012 .

[9] Felix C. Freiling,et al. The Nepenthes Platform: An Efficient Approach to Collect Malware , 2006, RAID.