Malicious activities on the Web are increasingly threatening users in the Internet. Home networks are one of the prime targets of the attackers to host malware, commonly exploited as a stepping stone to further launch a variety of attacks. Due to diversification, existing security solutions often fail to detect malicious activities that remain hidden and pose threats to users' security and privacy. Characterizing behavioral patterns of known malware can help to improve the classification accuracy of threats. More importantly, as different malware might share commonalities, studying the behavior of known malware could help the detection of previously unknown malicious activities. We pose the research question if it is possible to characterize such behavioral patterns analyzing the traffic from known infected clients. We present our quest to discover such characterizations. Results show that commonalities arise but their identification may require some ingenuity. We also present our discovery of malicious activities that were left undetected by commercial IDS.

Macroscopic view of malware in home networks / Finamore, Alessandro; Saha, Sabyasachi; Modelo Howard, Gaspar; Lee, Sung Ju; Bocchi, Enrico; Grimaudo, Luigi; Mellia, Marco; Baralis, ELENA MARIA. - STAMPA. - (2015), pp. 262-266. (Intervento presentato al convegno 2015 12th Annual IEEE Consumer Communications and Networking Conference, CCNC 2015 tenutosi a usa nel 2015) [10.1109/CCNC.2015.7157987].

Macroscopic view of malware in home networks

FINAMORE, ALESSANDRO;BOCCHI, ENRICO;GRIMAUDO, LUIGI;MELLIA, Marco;BARALIS, ELENA MARIA
2015

Abstract

Malicious activities on the Web are increasingly threatening users in the Internet. Home networks are one of the prime targets of the attackers to host malware, commonly exploited as a stepping stone to further launch a variety of attacks. Due to diversification, existing security solutions often fail to detect malicious activities that remain hidden and pose threats to users' security and privacy. Characterizing behavioral patterns of known malware can help to improve the classification accuracy of threats. More importantly, as different malware might share commonalities, studying the behavior of known malware could help the detection of previously unknown malicious activities. We pose the research question if it is possible to characterize such behavioral patterns analyzing the traffic from known infected clients. We present our quest to discover such characterizations. Results show that commonalities arise but their identification may require some ingenuity. We also present our discovery of malicious activities that were left undetected by commercial IDS.
2015
9781479963904
9781479963904
File in questo prodotto:
File Dimensione Formato  
CCNC15-malware.pdf

accesso aperto

Descrizione: Camera ready
Tipologia: 2. Post-print / Author's Accepted Manuscript
Licenza: PUBBLICO - Tutti i diritti riservati
Dimensione 397.32 kB
Formato Adobe PDF
397.32 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/2625357
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo