Cybercrime 2.0: When the cloud turns dark

Communications of the ACM

Volumn 52, Issue 4, 2009, Pages 42-47

  Provos, Niels ^a   Rajab, Moheeb Abu ^a   Mavrommatis, Panayiotis ^b  

^a Infrastructure Security Group

^b Security Group

Author keywords

[No Author keywords available]

Indexed keywords

CYBERCRIME; MALWARE ATTACKS;

COMPUTER CRIME;

EID: 65949097260     PISSN: 00010782     EISSN: 15577317     Source Type: Journal    
DOI: 10.1145/1498765.1498782     Document Type: Article

References (15)

1. Barth, A., Jackson, C., and Reis, C. The Security Architecture of the Chromium Browser; http://crypto.stanford.edu/websec/chromium/chromium- securityarchitecture.odf.
2. Brumley, D., Hartwig, C., Kang, M., Liang, Z., Newsome, J., Song, D., and Yin, H. BitScope: Automatically dissecting malicious binaries. Technical Report,Technical Report CMU -CS -07-133, School of Computer Science, Carnegie Mellon University, March 2007.
3. Court halts bogus computer scans (Dec. 2008); www.ftc.gov/opa/2008/12/ winsoftware.shtm
4. Grier, C., Tang, S., and King, S. Secure Web browsing with the OP Web browser. Security and Privacy, 2008. IE Symposium, 2008, 402416.
5. Krebs, B. Internet Explorer unsafe for 284 days in 2006. Washington Post Online Blog, Jan. 2007.
6. Krebs, B. Blogfight: IE vs. Firefox security. Washington Post Online Blog, Jan. 2009.
7. Microsoft. Microsoft Security Bulletin MS06-014: Vulnerability in the Microsoft Data Access Components (MDACS ) Function Could Allow Code Execution. May, 2006.
8. Microsoft. Microsoft Security Advisory (935423): Vulnerability in Windows Animated Cursor Handling, Mar. 2007.
9. Moser, A., Kruegel, C., and Kirda, E. Exploring multiple execution paths for malware analysis. In Proceedings of the IEEE Symposium on Security and Privacy, 2007, 231245.
10. Polychronakis, M., Mavrommatis, P., and Provos, N. Ghost Turns Zombie: Exploring the Life Cycle of Webbased Malware. In Proceedings of the 1st USENIX Workshop on Large-Scale Exploits and Emergent Threats (Apr. 2008).
11. Provos, N. Using htaccess To Distribute Malware. Dec. 2008; www.provos.org/index.php?/archives/55-Usinghtaccess-To-Distribute-Malware.html.
12. Provos, N., Mavrommatis, P., Rajab, M.A., and Monrose, F. All your IFRAMEs point to us. USENIX Security Symposium, 2008, 116.
13. Raz, R. Asprox silent defacement. Chapters in Web Security, Dec. 2008; http://chaptersinWebsecurity.blogspot.com/2008/07/asprox-silent- defacement.html.
14. Small, S., Mason, J., Monrose, F., Provos, N., and Stubblefield, A. To catch a predator: A natural language approach for eliciting malicious payloads. USENIX Security Symposium, 2008, 171184.
15. Stewart, J. Danmec/Asprox SQL injection attack tool analysis. Secure Works Online, May 2008; www.secureworks.com/research/threats/danmecasprox.