Life-cycle monitoring scheme of malware download sites for websites | IEEE Conference Publication | IEEE Xplore

Life-cycle monitoring scheme of malware download sites for websites


Abstract:

To protect many websites on cloud computing environments, we propose a scheme for monitoring the life cycles of malware download sites for websites and report the actual ...Show More

Abstract:

To protect many websites on cloud computing environments, we propose a scheme for monitoring the life cycles of malware download sites for websites and report the actual life cycles as monitored by web honeypots carrying vulnerable web applications. Recently, attackers have been using a large number of websites as hopping sites to attack other websites and user terminals. To create hopping sites, many attackers use vulnerabilities in web applications to force victims to download malware. To protect websites from these attacks, technologies for filtering access from websites to malware download sites, which are set by attackers, are effective. However, to update the filtering configuration, it is necessary to periodically identify malware since malware may be changed or removed from malware download sites. We propose a scheme for automatically updating the filtering configuration. It is based on dynamic malware analysis using attack re-creation by coupling the attack collection function (i.e., a web honeypot), attack analysis function (i.e., web attack analyzer), and filter management function (i.e., site monitoring system). Our investigations revealed that some malware files on malware download sites are replaced with other types of malware. In addition, they revealed that the life cycles of malware download sites are similar to those of normal web pages.
Date of Conference: 13-15 December 2010
Date Added to IEEE Xplore: 04 February 2011
ISBN Information:
Print ISSN: 2163-2871
Conference Location: Perth, WA, Australia

References

References is not available for this document.