Improving detection and annotation of malware downloads and infections through deep packet inspection
[1] Paolo Milani Comparetti,et al. EvilSeed: A Guided Approach to Finding Malicious Web Pages , 2012, 2012 IEEE Symposium on Security and Privacy.
[2] Jack W. Stokes,et al. WebCop: Locating Neighborhoods of Malware on the Web , 2010, LEET.
[3] Christopher Krügel,et al. A survey on automated dynamic malware-analysis techniques and tools , 2012, CSUR.
[4] Niels Provos,et al. CAMP: Content-Agnostic Malware Protection , 2013, NDSS.
[5] David Brumley,et al. BitShred: feature hashing malware for scalable triage and semantic analysis , 2011, CCS '11.
[6] Christopher Krügel,et al. The Underground Economy of Fake Antivirus Software , 2011, WEIS.
[7] Pawel Gburzynski,et al. A scalable load balancer for forwarding internet traffic , 2005, 2005 Symposium on Architectures for Networking and Communications Systems (ANCS).
[8] Nick Feamster,et al. Building a Dynamic Reputation System for DNS , 2010, USENIX Security Symposium.
[9] Vern Paxson,et al. Measuring Pay-per-Install: The Commoditization of Malware Distribution , 2011, USENIX Security Symposium.
[10] Richard Power,et al. Social engineering: attacks have evolved, but countermeasures have not , 2006 .
[11] Ellen W. Zegura,et al. Performance of hashing-based schemes for Internet load balancing , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).
[12] Wenke Lee,et al. Ether: malware analysis via hardware virtualization extensions , 2008, CCS.
[13] H. Franke,et al. Introduction to the wire-speed processor and architecture , 2010, IBM J. Res. Dev..
[14] Michalis Faloutsos,et al. ReSurf: Reconstructing web-surfing activity from network traffic , 2013, 2013 IFIP Networking Conference.
[15] Guofei Gu,et al. BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic , 2008, NDSS.
[16] Fang Yu,et al. Finding the Linchpins of the Dark Web: a Study on Topologically Dedicated Hosts on Malicious Web Infrastructures , 2013, 2013 IEEE Symposium on Security and Privacy.
[17] Lena Laribee,et al. Development of Methodical Social Engineering Taxonomy Project , 2006 .
[18] Lech J. Janczewski,et al. A Taxonomy for Social Engineering attacks , 2011 .
[19] Yajin Zhou,et al. Dissecting Android Malware: Characterization and Evolution , 2012, 2012 IEEE Symposium on Security and Privacy.
[20] Stefan Savage,et al. Manufacturing compromise: the emergence of exploit-as-a-service , 2012, CCS.
[21] Juan Caballero,et al. FIRMA: Malware Clustering and Network Signature Generation with Mixed Network Behaviors , 2013, RAID.
[22] Pawel Gburzynski,et al. Load balancing for parallel forwarding , 2005, IEEE/ACM Transactions on Networking.
[23] Vern Paxson,et al. An architecture for exploiting multi-core processors to parallelize network intrusion prevention , 2007 .
[24] Bin Liu,et al. An adaptive hash-based multilayer scheduler for L7-filter on a highly threaded hierarchical multi-core server , 2009, ANCS '09.
[25] James Newsome,et al. Polygraph: automatically generating signatures for polymorphic worms , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).
[26] Chih-Jen Lin,et al. LIBSVM: A library for support vector machines , 2011, TIST.
[27] Wenke Lee,et al. Classification of packed executables for accurate computer virus detection , 2008, Pattern Recognit. Lett..
[28] Kevin Townsend. R&D: The art of social engineering , 2010 .
[29] Juan Caballero,et al. Driving in the Cloud: An Analysis of Drive-by Download Operations and Abuse Reporting , 2013, DIMVA.
[30] Barton Whaley. Toward a general theory of deception , 1982 .
[31] Christopher Krügel,et al. JACKSTRAWS: Picking Command and Control Connections from Bot Traffic , 2011, USENIX Security Symposium.
[32] Raj Jain,et al. Packet Trains-Measurements and a New Model for Computer Network Traffic , 1986, IEEE J. Sel. Areas Commun..
[33] Fang Yu,et al. Knowing your enemy: understanding and detecting malicious web advertising , 2012, CCS '12.
[34] Guofei Gu,et al. WebPatrol: automated collection and replay of web-based malware scenarios , 2011, ASIACCS '11.
[35] Steven D. Gribble,et al. A Crawler-based Study of Spyware in the Web , 2006, NDSS.
[36] Mark Allman,et al. On making TCP more robust to packet reordering , 2002, CCRV.
[37] Xin Zhao,et al. The Nocebo Effect on the Web: An Analysis of Fake Anti-Virus Distribution , 2010, LEET.
[38] Christopher Krügel,et al. Nazca: Detecting Malware Distribution in Large-Scale Networks , 2014, NDSS.
[39] Andreas Dewald,et al. CUJO: Efficient Detection and Prevention of Drive-by-Download Attacks , 2010, Forschungsberichte der Fakultät IV – Elektrotechnik und Informatik.
[40] Vinod Yegneswaran,et al. BLADE: an attack-agnostic approach for preventing drive-by malware infections , 2010, CCS '10.
[41] Geoff Hulten,et al. Spamming botnets: signatures and characteristics , 2008, SIGCOMM '08.
[42] Roberto Perdisci,et al. WebWitness: Investigating, Categorizing, and Mitigating Malware Download Paths , 2015, USENIX Security Symposium.
[43] Nick Feamster,et al. Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces , 2010, NSDI.
[44] InduShobha N. Chengalur-Smith,et al. An overview of social engineering malware: Trends, tactics, and implications , 2010 .
[45] Marcus A. Maloof,et al. Learning to Detect and Classify Malicious Executables in the Wild , 2006, J. Mach. Learn. Res..
[46] Niels Provos,et al. The Ghost in the Browser: Analysis of Web-based Malware , 2007, HotBots.
[47] Roberto Perdisci,et al. From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware , 2012, USENIX Security Symposium.
[48] Kang Li,et al. Measuring and Detecting Malware Downloads in Live Network Traffic , 2013, ESORICS.
[49] Wenke Lee,et al. SURF: detecting and measuring search poisoning , 2011, CCS '11.
[50] Gero Dittmann,et al. Network Processor Load Balancing for High-Speed Links , 2000 .
[51] Kang Li,et al. ClickMiner: Towards Forensic Reconstruction of User-Browser Interactions from Network Traces , 2014, CCS.
[52] Roberto Perdisci,et al. Scalable fine-grained behavioral clustering of HTTP-based malware , 2013, Comput. Networks.
[53] Benjamin Livshits,et al. ZOZZLE: Fast and Precise In-Browser JavaScript Malware Detection , 2011, USENIX Security Symposium.
[54] William L. Simon,et al. The Art of Deception: Controlling the Human Element of Security , 2001 .
[55] Martin Roesch,et al. Snort - Lightweight Intrusion Detection for Networks , 1999 .
[56] Hao Yu,et al. Exploiting heterogeneous multicore-processor systems for high-performance network processing , 2010, IBM J. Res. Dev..
[57] Roy T. Fielding,et al. Uniform Resource Identifier (URI): Generic Syntax , 2005, RFC.
[58] Hao Yu,et al. Stateful hardware decompression in networking environment , 2008, ANCS '08.
[59] Farnam Jahanian,et al. CloudAV: N-Version Antivirus in the Network Cloud , 2008, USENIX Security Symposium.
[60] Christopher Krügel,et al. Revolver: An Automated Approach to the Detection of Evasive Web-based Malware , 2013, USENIX Security Symposium.
[61] Christopher Krügel,et al. Detection and analysis of drive-by-download attacks and malicious JavaScript code , 2010, WWW '10.
[62] Mark S. Squillante,et al. Using Processor-Cache Affinity Information in Shared-Memory Multiprocessor Scheduling , 1993, IEEE Trans. Parallel Distributed Syst..
[63] Vern Paxson,et al. An architecture for exploiting multi-core processors to parallelize network intrusion prevention , 2009, NSS 2009.
[64] Wenke Lee,et al. Detecting Malware Domains at the Upper DNS Hierarchy , 2011, USENIX Security Symposium.
[65] George Varghese,et al. Automated Worm Fingerprinting , 2004, OSDI.
[66] Tzi-cker Chiueh,et al. A Study of the Packer Problem and Its Solutions , 2008, RAID.
[67] Maria Papadaki,et al. A Practical Assessment of Social Engineering Vulnerabilities , 2008, HAISA.
[68] Niels Provos,et al. All Your iFRAMEs Point to Us , 2008, USENIX Security Symposium.
[69] B. Karp,et al. Autograph: Toward Automated, Distributed Worm Signature Detection , 2004, USENIX Security Symposium.
[70] John Platt,et al. Probabilistic Outputs for Support Vector Machines and Comparisons to Regularized Likelihood Methods , 1999 .
[71] Tzi-cker Chiueh,et al. Performance guarantee for cluster-based Internet services , 2002, Ninth International Conference on Parallel and Distributed Systems, 2002. Proceedings..
[72] Leyla Bilge,et al. Automatically Generating Models for Botnet Detection , 2009, ESORICS.
[73] Edgar R. Weippl,et al. Advanced social engineering attacks , 2015, J. Inf. Secur. Appl..
[74] Bin Liu,et al. A scalable multithreaded L7-filter design for multi-core servers , 2008, ANCS '08.
[75] Mustaque Ahamad,et al. Packet scheduling for deep packet inspection on multi-core architectures , 2010, 2010 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS).
[76] Hein S. Venter,et al. Social engineering attack framework , 2014, 2014 Information Security for South Africa.
[77] Guofei Gu,et al. BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection , 2008, USENIX Security Symposium.
[78] Giovanni Vigna,et al. Prophiler: a fast filter for the large-scale detection of malicious web pages , 2011, WWW.
[79] Leyla Bilge,et al. EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis , 2011, NDSS.
[80] George Kingsley Zipf,et al. Human Behaviour and the Principle of Least Effort: an Introduction to Human Ecology , 2012 .
[81] Gianluca Stringhini,et al. Shady paths: leveraging surfing crowds to detect malicious web pages , 2013, CCS.
[82] Michael Menth,et al. Accuracy and Dynamics of Hash-Based Load Balancing Algorithms for Multipath Internet Routing , 2006, 2006 3rd International Conference on Broadband Communications, Networks and Systems.
[83] Xuxian Jiang,et al. Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities , 2006, NDSS.
[84] A Saritha,et al. A system for detecting network intruders in real-time , 2016 .
[85] Craig Partridge,et al. Packet reordering is not pathological network behavior , 1999, TNET.
[86] Norbert Pohlmann,et al. Exploiting visual appearance to cluster and detect rogue software , 2013, SAC '13.
[87] Wenke Lee,et al. ARROW: GenerAting SignatuRes to Detect DRive-By DOWnloads , 2011, WWW.
[88] Nello Cristianini,et al. An Introduction to Support Vector Machines and Other Kernel-based Learning Methods , 2000 .
[89] Leo Breiman,et al. Random Forests , 2001, Machine Learning.
[90] Jose Nazario,et al. PhoneyC: A Virtual Client Honeypot , 2009, LEET.
[91] Hein S. Venter,et al. Towards an Ontological Model Defining the Social Engineering Domain , 2014, HCC.
[92] Francisco Casacuberta,et al. Topology of Strings: Median String is NP-Complete , 1999, Theor. Comput. Sci..
[93] Junjie Zhang,et al. Detecting fake anti-virus software distribution webpages , 2015, Comput. Secur..
[94] Benjamin Livshits,et al. NOZZLE: A Defense Against Heap-spraying Code Injection Attacks , 2009, USENIX Security Symposium.
[95] Jong Kim,et al. WarningBird: A Near Real-Time Detection System for Suspicious URLs in Twitter Stream , 2013, IEEE Transactions on Dependable and Secure Computing.
[96] William K. Robertson,et al. TrueClick: automatically distinguishing trick banners from genuine download links , 2014, ACSAC '14.
[97] Roberto Perdisci,et al. ExecScent: Mining for New C&C Domains in Live Networks with Adaptive Control Protocol Templates , 2013, USENIX Security Symposium.
[98] Lukas Kencl,et al. Sequence-preserving adaptive load balancers , 2006, 2006 Symposium on Architecture For Networking And Communications Systems.
[99] Antonio Nucci,et al. Detecting malicious HTTP redirections using trees of user browsing activity , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.
[100] 尤达亚玛卡尔·斯瑞尼瓦桑,et al. Dynamic load balancing without packet reordering , 2012 .
[101] Vern Paxson,et al. Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.