poster

Towards Identifying Early Indicators of a Malware Infection

Authors:

Sareena Karapoola,

Chester Rebeiro,

Unnati Parekh,

Kamakoti VeezhinathanAuthors Info & Claims

Asia CCS '19: Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security

Pages 679 - 681

https://doi.org/10.1145/3321705.3331006

Published: 02 July 2019 Publication History

Get Access

Abstract

A malware goes through multiple stages in its life-cycle at the target machine before mounting its expected attack. The entire life-cycle can span anywhere from a few weeks to several months. The network communications during the initial phase could be the earliest indicators of a malware infection. While prior works have leveraged network traffic, none have focused on the temporal analysis of how early can the malware be detected. The main challenges here are the difficulty in differentiating benign-looking malware communications in the early stages of the malware life-cycle. In our quest to build an early warning system, we analyze malware communications to identify such early indicators.

References

[1]

Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J Alex Halderman, Luca Invernizzi, Michalis Kallitsis, et almbox. 2017. Understanding the Mirai botnet. In USENIX Security Symposium. 1092--1110.

Digital Library

Google Scholar

[2]

Karel Bartos, Michal Sofka, and Vojtech Franc. 2016. Optimized Invariant Representation of Network Traffic for Detecting Unseen Malware Variants. In USENIX security symposium. 807--822.

Digital Library

Google Scholar

[3]

Yehonatan Cohen and Danny Hendler. 2018. Scalable Detection of Server-Side Polymorphic Malware. Knowledge-Based Systems, Vol. 156 (2018), 113--128.

Crossref

Google Scholar

[4]

Jan Kohout and Tomávs Pevnỳ. 2015. Automatic discovery of web servers hosting similar applications. In Integrated Network Management (IM), 2015 IFIP/IEEE International Symposium on. IEEE, 1310--1315.

Crossref

Google Scholar

[5]

Chaz Lever, Platon Kotzias, Davide Balzarotti, Juan Caballero, and Manos Antonakakis. 2017. A Lustrum of malware network communication: Evolution and insights. In IEEE Symposium on Security and Privacy (SP), 2017. IEEE, 788--804.

Crossref

Google Scholar

[6]

Jakub Lokovc, Jan Kohout, Pvr emysl vC ech, Tomávs Skopal, and Tomávs Pevnỳ. 2016. k-NN classification of malware in HTTPS traffic using the metric space approach. In Pacific-Asia Workshop on Intelligence and Security Informatics. Springer, 131--145.

Digital Library

Google Scholar

Cited By

View all

Song JChoi SKim JPark KPark CKim JKim I(2024)A study of the relationship of malware detection mechanisms using Artificial IntelligenceICT Express10.1016/j.icte.2024.03.00510:3(632-649)Online publication date: Jun-2024
https://doi.org/10.1016/j.icte.2024.03.005
Hussain AAhmad STanveer MIqbal A(2022)Computer Malware Classification, Factors, and Detection Techniques: A Systematic Literature Review (SLR)International Journal of Innovations in Science and Technology10.33411/IJIST/20220403204:3(899-918)Online publication date: 29-Aug-2022
https://doi.org/10.33411/IJIST/2022040320

Recommendations

Ransomware early detection: A survey
Abstract
In recent years, ransomware attacks have exploded globally, and it has become one of the most significant cyber threats to digital infrastructure. Such attacks have been targeting ranging from individuals to critical infrastructure or large ...
The Next Malware Battleground: Recovery After Unknown Infection

Malware has become a natural aspect of Internet computing due to the imperfectness of systems that identify malware and prevent their installation. Our ability to control the volume of unwanted and malicious traffic on the Internet—the spam messages, ...
Correlation Analysis between Spamming Botnets and Malware Infected Hosts
SAINT '11: Proceedings of the 2011 IEEE/IPSJ International Symposium on Applications and the Internet

Many of recent cyber attacks are being launched by botnets for the purpose of carrying out large-scale cyber attacks such as spam emails, Distributed Denial of Service (DDoS), network scanning and so on. In many cases, these botnets consist of a lot of ...

Comments

Information & Contributors

Information

Published In

Asia CCS '19: Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security

July 2019

708 pages

ISBN:9781450367523

DOI:10.1145/3321705

General Chairs:
Steven Galbraith
University of Auckland, New Zealand
,
Giovanni Russello
University of Auckland, New Zealand
,
Willy Susilo
University of Wollongong, Australia
,
Program Chairs:
Dieter Gollmann
Hamburg University of Technology, Germany & Nanyang Technological University, Singapore
,
Engin Kirda
Northeastern University, USA
,
Zhenkai Liang
National University of Singapore, Singapore

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 July 2019

Check for updates

Author Tags

Qualifiers

Poster

Conference

Asia CCS '19

Sponsor:

SIGSAC

Asia CCS '19: ACM Asia Conference on Computer and Communications Security

July 9 - 12, 2019

Auckland, New Zealand

Acceptance Rates

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
299
Total Downloads

Downloads (Last 12 months)21
Downloads (Last 6 weeks)3

Reflects downloads up to 24 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Song JChoi SKim JPark KPark CKim JKim I(2024)A study of the relationship of malware detection mechanisms using Artificial IntelligenceICT Express10.1016/j.icte.2024.03.00510:3(632-649)Online publication date: Jun-2024
https://doi.org/10.1016/j.icte.2024.03.005
Hussain AAhmad STanveer MIqbal A(2022)Computer Malware Classification, Factors, and Detection Techniques: A Systematic Literature Review (SLR)International Journal of Innovations in Science and Technology10.33411/IJIST/20220403204:3(899-918)Online publication date: 29-Aug-2022
https://doi.org/10.33411/IJIST/2022040320

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

Ransomware early detection: A survey

The Next Malware Battleground: Recovery After Unknown Infection

Correlation Analysis between Spamming Botnets and Malware Infected Hosts

Comments

Published In

Sponsors

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Recommendations

Ransomware early detection: A survey

The Next Malware Battleground: Recovery After Unknown Infection

Correlation Analysis between Spamming Botnets and Malware Infected Hosts

Comments

Information

Published In

Sponsors

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations