Poster: A Low-cost Detection Scheme on Fast-flux Malware Distribution
Authors
Abstract
Malware is one of the most severe security threats on the Internet. Many malware authors frequently change their malware distribution domains and URLs to avoid detection by IDS (Intrusion Detection Systems), and the URLs become invalid shortly afterwards; we name this malware distribution phenomenon fast-flux. We propose a scheme named LDSM that can detect fast-flux malware distribution at low cost. We deployed our detection scheme in an ISP of CSTNET (China Science and Technology Network) for a month, and the experimental results demonstrate that LDSM is able to accurately detect malware distribution with 89.57% true positives. LDSM can also detect unknown malware from traffic and provides an effective way to improve malware detection tools.

Keywords—Fast-flux, Malware distribution, Malware detection.
Similar resources
Detection of Fast Flux Service Networks
Fast Flux Service Networks (FFSN) apply high availability server techniques to the business of malware distribution. FFSNs are similar to commercial content distribution networks (CDN), such as Akamai, in terms of size, scope, and business model, serving as an outsourced content delivery service for clients. Using an analysis of DNS traffic, we derive a sequential hypothesis-testing algorithm b...
Analysis of Magnetic Flux Linkage Distribution in Salient-Pole Synchronous Generator with Different Kinds of Inter-Turn Winding Faults
A reliable and accurate diagnosis of inter-turn short circuit faults is a challenging problem in the area of fault diagnosis of electrical machines. The purpose of this challenge is to be more efficient in fault detection and to provide a reliable method with low-cost sensors and simple numerical algorithms which not only detect the occurrence of the fault, but also locate its position in the w...
Poster: A general practitioner or a specialist for your infected smartphone?
With explosive growth in the number of mobile devices, mobile malware is rapidly spreading as well, and the number of encountered malware families is increasing. Existing solutions, which are mainly based on one malware detector running on the phone or in the cloud, are no longer effective. The main problem lies in the fact that it might be impossible to create a unique mobile malware detector ...
Unsupervised, low latency anomaly detection of algorithmically generated domain names by generative probabilistic modeling
We propose a method for detecting anomalous domain names, with focus on algorithmically generated domain names which are frequently associated with malicious activities such as fast flux service networks, particularly for bot networks (or botnets), malware, and phishing. Our method is based on learning a (null hypothesis) probability model based on a large set of domain names that have been whi...
Flux Distribution in Bacillus subtilis: Inspection on Plurality of Optimal Solutions
Linear programming problems with alternate solutions are challenging due to the choice of multiple strategies resulting in the same optimal value of the objective function. However, searching for these solutions is a tedious task, especially when using mixed integer linear programming (MILP), as previously applied to metabolic models. Therefore, judgment on plurality of optimal m...