Development of a secure traffic analysis system to trace malicious activities on internal networks

Proceedings - International Computer Software and Applications Conference

Volumn , Issue , 2014, Pages 305-310

  Hirono, Soshi ^a   Yamaguchi, Yukiko ^a   Shimada, Hajime ^a   Takakura, Hiroki ^a  

^a NAGOYA UNIVERSITY   (Japan)

Author keywords

dynamic analysis; malware; sandbox; targeted attack

Indexed keywords

APPLICATION PROGRAMS; COMPUTER CRIME; COMPUTER SOFTWARE; DYNAMIC ANALYSIS; MOBILE SECURITY; NETWORK SECURITY;

CONTROLLED DELIVERY; MALICIOUS ACTIVITIES; MALICIOUS TRAFFIC; MALWARE ANALYSIS; SANDBOX; SOFTWARE-DEFINED NETWORKINGS; TARGETED ATTACK; TRAFFIC ANALYSIS;

MALWARE;

EID: 84928631572     PISSN: 07303157     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/COMPSAC.2014.41     Document Type: Conference Paper

References (9)

1. Information-Technology Promotion Agency. (2013) Design and operational guide to protect against advanced persistent threats. https://www. ipa.go.jp/files/000017299.pdf.
2. H. Hasegawa, Y. Yamaguchi, H. Shimada, and H. Takakura, "Proposal of a network control system to detect, analyze and mitigate targeted cyber attacks (Internet architecture). IEICE technical report, vol. 113, no. 240, pp. 1-6, 2013.
3. H. Hasegawa, "A countermeasure recommendation system against targeted attacks with preserving continuity of internal networks. The 38th Annual International Computers, Software and Applications Conference, 2014, in press.
4. C. Willems, T. Holz, and F. Freiling, "Toward automated dynamic malware analysis using cwsandbox. Security Privacy, IEEE, vol. 5, no. 2, pp. 32-39, 2007.
5. C. Kreibich, N. Weaver, C. Kanich, W. Cui, and V. Paxson, "GQ: Practical containment for measuring modern malware systems. in Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference, ser. IMC '11. ACM, 2011, pp. 397-412.
6. M. Vrable, J. Ma, J. Chen, D. Moore, E. Vandekieft, A. C. Snoeren, G. M. Voelker, and S. Savage, "Scalability, fidelity, and containment in the potemkin virtual honeyfarm. SIGOPS Oper. Syst. Rev., vol. 39, no. 5, pp. 148-162, 2005.
7. K. Yoshioka and T. Matsumoto, "Multi-pass malware sandbox analysis with controlled internet connection. IEICE transactions on fundamentals of electronics, communications and computer sciences, vol. 93, no. 1, pp. 210-218, 2010.
8. H. Takakura, Y. Ebara, S. Miyazaki, A. Sawada, M. Nakamura, and Y. Okabe, "Structure and security strategy of secure gigabit network system, KUINS-III (in Japanese). The transactions of the Institute of Electronics, Information and Communication Engineers. B, vol. 86, no. 8, pp. 1494-1501, 2003.
9. M. Sato, H. Yamaki, and H. Takakura, "Unknown attacks detection using feature extraction from anomaly-based IDS alerts. in Applications and the Internet, 2012 IEEE/IPSJ 12th International Symposium on, 2012, pp. 273-277.