Abstract
As the functional complexity of malicious software increases, its analysis faces new problems. The paper presents these aspects in the context of automatic analysis of Internet threats observed with HoneyPot technology. The problems were identified based on experience gained from analysing exploits and malware using the dedicated infrastructure deployed in the network of the Institute of Computer Science at Warsaw University of Technology. They are discussed against the background of a real-life case: a recent worm targeting a vulnerability in Network Attached Storage (NAS) devices. The paper describes the methodology and the systems supporting data analysis, as well as the concept of general and custom HoneyPots used in the research.
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Cabaj, K., Grochowski, K., Gawkowski, P. (2015). Practical Problems of Internet Threats Analyses. In: Zamojski, W., Mazurkiewicz, J., Sugier, J., Walkowiak, T., Kacprzyk, J. (eds) Theory and Engineering of Complex Systems and Dependability. DepCoS-RELCOMEX 2015. Advances in Intelligent Systems and Computing, vol 365. Springer, Cham. https://doi.org/10.1007/978-3-319-19216-1_9
DOI: https://doi.org/10.1007/978-3-319-19216-1_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19215-4
Online ISBN: 978-3-319-19216-1
eBook Packages: Engineering, Engineering (R0)