Titlebook: Detection of Intrusions and Malware, and Vulnerability Assessment; 4th International Co Bernhard H?mmerli,Robin Sommer Conference proceedin

Venules

Notorious

Protecting the Intranet Against “JavaScript Malware” and Related Attacksstill possesses certain functionality for cross domain communication. These capabilities can be employed by malicious JavaScript to gain access to intranet resources from the outside. In this paper we exemplify capabilities of such scripts. To protect intranet hosts against JavaScript based threats,

粗語

小蟲

cluster

小卷發(fā)

Measurement and Analysis of Autonomous Spreading Malware in a University Environment that can be remotely controlled by an attacker, malware can cause lots of harm. In this paper, we present a measurement setup to study the spreading and prevalence of malware that propagates autonomously. We present the results when observing about 16,000 IPs within a university environment for a p

acheon

Passive Monitoring of DNS Anomaliesesponse data have included typo squatter domains, fast flux domains and domains being (ab)used by spammers. We observe that current attempts to reduce spam have greatly increased the number of A records being resolved. We also observe that the data locality of DNS requests diminishes because of doma

遍及

Characterizing Dark DNS Behaviors space, for attack detection. While the attack traffic gleaned from such deployments has been thoroughly scrutinized, little attention has been paid to DNS queries targeting these addresses. In this paper, we introduce the concept of ., the DNS queries associated with darknet addresses, and charact

GET

Distributed Evasive Scan Techniques and Countermeasuresimportance of limiting the information obtained by the attacker, and the wide availability of such scan detection methods, there has been very little research on evasive scan techniques, which can potentially be used by attackers to avoid detection. In this paper, we first present a novel classifica

我們的面粉

On the Adaptive Real-Time Detection of Fast-Propagating Network Wormsms at the large class of worms that attempts to quickly propagate, thus exhibiting abnormal levels of the rate at which hosts initiate connections to new destinations. The foundation of RBS derives from the theory of sequential hypothesis testing, the use of which for detecting randomly scanning hos