Abstract
There is little detailed information about the lifetime of network malware and malware infected systems. There is a lot of information about the emergence of some new versions of malware, used security vulnerabilities, methods and the range of infection but they are generally related to the start of life cycle of malware. Much less information is available about what happens next – how long the malware actively is distributed on the network, how long operate infected hosts and how the amount of infected systems fluctuates with time.
The paper presents the results of nearly two years’ operation of honeypot systems, installed on unprotected research network, throwing some lights on the longtime malware activity.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Trustwave’s SpiderLabs: Monthly Web Honeypot Status Report, http://blog.spiderlabs.com/honeypot-alert/
IBM X-Force® 2011 Mid-year Trend and Risk Report (2011), http://www-935.ibm.com/services/us/iss/xforce/trendreports/
Q1 2007 Malware Outbreak Trends (2007), http://www.commtouch.com
Annual Report PandaLabs (2011), http://press.pandasecurity.com/wp-content/uploads/2012/01/Annual-Report-PandaLabs-2011.pdf
iDEFENSE Labs Releases Multipot, http://seclists.org/honeypots/2005/q3/17
Dionaea catches bugs, http://dionaea.carnivore.it/
http://us.mcafee.com/virusInfo/default.asp?id=helpCenter&hcName=mydoom
http://netsecurity.about.com/od/hackertools/p/aapr092004.html
Roberts, R.: Malware Development Lifecycle. In: Virus Bulletin Conference (October 2008), http://www.microsoft.com/download/en/details.aspx?id=18919
Ollmann, G.: Behind Today’s Crimeware Installation Lifecycle: How Advanced Malware Morphs to Remain Stealthy and Persistent, http://www.damballa.com/downloads/r_pubs/WP_Advanced_Malware_Install_LifeCycle.pdf
ESET NOD32 Antivirus, http://www.eset.pl/Dla_domu_i_firmy/Produkty/ESET_NOD32_Antivirus
Barrett, L.: Malware Volume Surges, But Lifespan Is short, http://www.esecurityplanet.com/trends/article.php/3914966/Malware-Volume-Surges-But-Lifespan-Is-Short.html
Fisher, D.: The Infections That Will Not Die: Conficker and Auto Run, http://threatpost.com/en_us/blogs/infections-will-not-die-conficker-and-autorun-011712
Ollmann, G.: Old threats never die, http://www.iss.net/documents/whitepapers/old_threats_never_die_wp.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Skrzewski, M. (2012). Network Malware Activity – A View from Honeypot Systems. In: Kwiecień, A., Gaj, P., Stera, P. (eds) Computer Networks. CN 2012. Communications in Computer and Information Science, vol 291. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31217-5_22
Download citation
DOI: https://doi.org/10.1007/978-3-642-31217-5_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-31216-8
Online ISBN: 978-3-642-31217-5
eBook Packages: Computer ScienceComputer Science (R0)