论文信息 - MalwareLab: Experimentation with Cybercrime Attack Tools

MalwareLab: Experimentation with Cybercrime Attack Tools

Cybercrime attack tools (i.e. Exploit Kits) are reportedly responsible for the majority of attacks affecting home users. Exploit kits are traded in the black markets at different prices and advertising different capabilities and functionalities. In this paper we present our experimental approach in testing 10 exploit kits leaked from the markets that we deployed in an isolated environment, our MalwareLab. The purpose of this experiment is to test these tools in terms of resiliency against changing software configurations in time. We present our experiment design and implementation, discuss challenges, lesson learned and open problems, and present a preliminary analysis of the results.

Fabio Massacci | Luca Allodi | Vadim Kotov

[1] Niels Provos,et al. The Ghost in the Browser: Analysis of Web-based Malware , 2007, HotBots.

[2] Niels Provos,et al. All Your iFRAMEs Point to Us , 2008, USENIX Security Symposium.

[3] Fabio Massacci,et al. Quantitative Assessment of Risk Reduction with Cybercrime Black Market Monitoring , 2013, 2013 IEEE Security and Privacy Workshops.

[4] Rick Wash,et al. Organization Interfaces—collaborative computing General Terms , 2022 .

[5] Fabio Massacci,et al. Anatomy of Exploit Kits - Preliminary Analysis of Exploit Kits as Software Artefacts , 2013, ESSoS.

[6] Chris Kanich,et al. No Plan Survives Contact: Experience with Cybercrime Measurement , 2011, CSET.

[7] Stefan Savage,et al. Manufacturing compromise: the emergence of exploit-as-a-service , 2012, CCS.

[8] Herbert Bos,et al. Prudent Practices for Designing Malware Experiments: Status Quo and Outlook , 2012, 2012 IEEE Symposium on Security and Privacy.