Frequent Sequential Attack Patterns of Malware in Botnets (Computer Security (CSEC) Vol.2009-CSEC-48)

Authors

Abstract

More than 90 independent honeypots have observed malware traffic at the Japanese tier-1 backbone. Typical attacks are made by multiple servers coordinating to send many kinds of malware. This paper aims to discover some frequent new sequential patterns of malware attacks. It is not easy to identify particular patterns from year-long logs because the volume of the dataset is too large to investigate one by one. To overcome the problem, this paper proposes a data mining algorithm, the PrefixSpan method. We implement the PrefixSpan algorithm to analyze the malware traffic and show the experimental result. The result of the analysis shows that the sequential patterns of malware attacks tend to change all the time.

Published in

  • Research Reports: Computer Security (CSEC)

    Research Reports: Computer Security (CSEC) 2010-CSEC-48(37), 1-7, 2010-02-25

    Information Processing Society of Japan

References: 5


Codes

  • NII Article ID (NAID)
    110007990987
  • NII Bibliographic ID (NCID)
    AA11235941
  • Text language code
    ENG
  • Material type
    Technical Report
  • ISSN
    09196072
  • NDL Article ID
    025099417
  • NDL Call No.
    YH267-101
  • Data source
    CJP bibliography  NDL  IPSJ