Server-side detection of malware infection

Proceedings New Security Paradigms Workshop

Volumn , Issue , 2009, Pages 11-21

  Jakobsson, Markus ^a   Juels, Ari ^b  

^a PALO ALTO RESEARCH CENTER   (United States)

^b RSA Laboratories   (United States)

Author keywords

Anti virus; Audit; Cell phone; Detection; Fraud; Incentive compatible; Infection; Malware; Mobile; Post mortem; Retroactive

Indexed keywords

ANTI VIRUS; BANDWIDTH LIMITATION; CELL PHONE; COMPUTING DEVICES; DEPLOYMENT ARCHITECTURE; INCENTIVE COMPATIBLE; MALWARES; MOBILE HANDSETS; POTENTIAL VALUES; SECURITY PROPERTIES; SERVICE PROVIDER;

CELLULAR TELEPHONE SYSTEMS; CRIME; MOBILE PHONES; TECHNICAL PRESENTATIONS; TELECOMMUNICATION EQUIPMENT; TELEPHONE; TELEPHONE SETS; VIRUSES;

COMPUTER VIRUSES;

EID: 77950903446     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1719030.1719033     Document Type: Conference Paper

References (36)

1. The Australian Internet Security Initiative. www.acma.gov.au/WEB/ STANDARD/pc=PC-310317.
2. M. Barrett and D. Levy, \A Practical Approach to Managing Phishing," April 2008.
3. M. Barrett, \Cybercrime { and What We will Have to do if We Want to Get it Under Control," July, 2008. publius.cc/cybercrime-and-what-we-will- have-do-if-we-want-get-it-under-control.pdf.
4. Michael Barrett, PayPal CSO, personal communication.
5. M. Bellare, R. Canetti and H. Krawczyk, "Keying Hash Functions for Message Authentication," Advances in Cryptology - Crypto 96 Proceedings, 1996.
6. M. Bellare and S.K. Miner, "A Forward-Secure Digital Signature Scheme," Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, p.431-448, 1999.
7. M. Bellare and B. Yee, "Forward Integrity for Secure Audit Logs," Technical Report, University of California at San Diego, 23 November 1997.
8. M. Bellare and B. Yee, "Forward-Security in Private-Key Cryptography," Topics in Cryptology - CT-RSA 03, pp. 1-18, 2003.
9. J.Y. Choi, P. Golle and M. Jakobsson. "Auditable Privacy: On Tamper-Evident Mix Networks." Financial Cryptography, 2006.
10. J.Y. Choi, P. Golle, and M. Jakobsson, "Tamper-Evident Digital Signatures: Protecting Certi cation Authorities Against Malware," DACS, 2006.
11. K.-K. R. Choo, "Organised crime groups in cyberspace: a typology," Trends in Organized Crime, DOI 10.1007/s12117-008-9038-9, 2008.
12. G. Di Crescenzo, N. Ferguson, R. Impagliazzo, and M. Jakobsson, "How To Forget a Secret," In STACS. LNCS 1563. Springer-Verlag, pp. 500-509, 1999.
13. G. Durfee, D.K. Smetters, and D. Balfanz, "Posture-Based Data Protection," PARC Technical Report 06-11; September 2006. www.parc.com/publication/2302/posture-based-data-protection.html
14. M. Egele, E. Kirda, and C. Kruegel. Mitigating Drive-by Download Attacks: Challenges and Open Problems. In iNetSec, 2009.
15. Georgia Tech Information Security Center, "Emerging Cyber Threats Report for 2009," October, 2008. www.gtisc.gatech.edu/pdf/ CyberThreatsReport2009.pdf.
16. A. J. Halderman, S. D. Schoen, N. Heninger, W. Clarkson, W. Paul, J. A. Calandrino, A. J. Feldman, J. Appelbaum and E. W. Felten, "Lest we remember: cold-boot attacks on encryption keys," Commun. ACM, pp. 91-98, 2009.
17. Harris Interactive Public Relations Research, "A Study about Mobile Device Users," June 2009. Abstract available at www.cloudmark.com/en/ company/mobile-survey.html, full version at www.cloudmark.com/releases/docs/ harris-poll- stats.pdf.
18. S. Havlin, "Phone Infections," Science, Vol.324. no.5930, pp. 1023-1024, 22 May 2009.
19. G. Hughes and T. Coughlin, "Tutorial on Disk Drive Data Sanitization," cmrr.ucsd.edu/people/Hughes/ DataSanitizationTutorial.pdf.
20. M. Hypponen, \Malware Goes Mobile," Scientic American Magazine, pp. 70-77, November 2006.
21. M. Jakobsson, "A Central Nervous System for Automatically Detecting Malware," blogs.parc.com/ blog/2009/09/a-central-nervous-system-for- automatically-detecting-malware/, September 9, 2009
22. M. Jakobsson, "Will mobile payments usher in a new era of crime?," blogs.parc.com/blog/2009/10/ will-mobile-payments-usher-in-a-new- era-of-crime/, October 13, 2009
23. M. Jakobsson, T. Jagatic, and S. Stamm, "Phishing for Clues: Inferring Context Using Cascading Style Sheets and Browser History," www.browser-recon.info.
24. Javelin Strategy and Research, "2008 Identity Fraud Survey Report", February 2008. www.javelinstrategy.com/products/F59339/97/ delivery.pdf.
25. P. Kumaraguru, S. Sheng, A. Acquisti, L.F. Cranor, and J.I. Hong, "PhishGuru: Lessons From a Real World Evaluation of Anti-Phishing Training," e-Crime Researchers Summit, Anti-Phishing Working Group, October 15-16, 2008.
26. H. Jin, G. Myles and J. Lotspiech, "Towards better software tamper resistance," Information Security Conference, Springer, 2005.
27. H. Jin, G. Myles and J. Lotspiech, "Key evolution-based tamper resistance: A subgroup extension," Association for Computing Machinery (ACM) Symposium on Information, Computer and Communications Security (ASIACCS), 2007.
28. Kaspersky Lab forecasts ten-fold increase in new malware for 2008. www.kaspersky.com/news?id=207575629.
29. E. Mills, "Microsoft to o er free consumer security suite," November, 2008. news.cnet.com/8301-1009-3-10101582-83.html.
30. J. Oberheide, E. Cooke and F. Jahanian, "CloudAV: N-Version Antivirus in the Network Cloud," Proceedings of the 17th USENIX Security Symposium (Security'08), 2008.
31. B. Schneier and J. Kelsey, "Cryptographic support for secure logs on untrusted machines," ACM TISSEC, 2(2):159Ñ176, 1999.
32. S. Srikwan and M. Jakobsson, "Using Cartoons to Teach Internet Security," Cryptologia, vol.32, no.2, 2008.
33. Symantec Report on the Underground Economy, Published November 2008, eval.symantec.com/mktginfo/enterprise/white- papers/b-whitepaper-underground- economy- report-11-2008-14525717.en-us.pdf.
34. Trusted Computing Group. Trusted platform module main specication. Version 1.2, Revision 103, July 2007.
35. P. Wang, M. C. Gonzalez, C. A. Hidalgo, and A.-L. Barabasi, "Understanding the Spreading Patterns of Mobile Phone Viruses," Science, 2 April 2009.
36. J. Wiens. A Tipping Point For The Trusted Platform Module? InformationWeek. 28 June 2008. www. informationweek.com/news/security/ encryption/ showArticle.jhtml?articleID=208800939.