Abstract
Information on malware activity is gathered from two kinds of sources: trap systems (honeypots) and program agents in antivirus tools. Both deliver only a fragmentary picture of the malware population, as visible from trap systems or from users' systems on corporate or home networks. Because of this fragmentation, there is no uniform overall picture of the state of malware, and various sources present different, often quite different, approximations of it, depending on their ability to gather samples of various types of threats and of locally operating malware. Another question is how complete this picture is and whether the tools used lose some important information. The paper compares currently available information about malware with data gathered by a set of honeypot systems and discusses the usability of some types of malware traps at the current state of malware expansion.
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Skrzewski, M. (2016). About the Efficiency of Malware Monitoring via Server-Side Honeypots. In: Gaj, P., Kwiecień, A., Stera, P. (eds) Computer Networks. CN 2016. Communications in Computer and Information Science, vol 608. Springer, Cham. https://doi.org/10.1007/978-3-319-39207-3_12
DOI: https://doi.org/10.1007/978-3-319-39207-3_12
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-39206-6
Online ISBN: 978-3-319-39207-3
eBook Packages: Computer Science (R0)