The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Botnets have become one of the most serious threats to current Internet and future network security. Only finding and connecting command and control(C&C) servers can bots join and work for botnet, hence how to find C&C servers is critical to botnet management and running. In this paper, we preliminarily summarize and classify the currently typical C&C server finding schemes as three types:...
We present nDEWS, a Hadoop-based automatic early warning system of malicious domains for domain name registry operators, such as top-level domain (TLD) registries. By monitoring an entire DNS zone, nDEWS is able to single out newly added suspicious domains by analyzing both domain registration and global DNS lookup patterns of a TLD. nDEWS is capable to detect several types of domain abuse, such as...
The detection of APT has recently become an urgent problem needing to be resolved. Attackers use Remote Access Trojan/Remote Administration Tools (RATs), which often bypass general security measures, and the traditional detection techniques don't consider reconnaissance activities after RAT infections. We analyzed the behavior of the reconnaissance for this paper so that RAT-based malicious activities...
As most of the malware nowadays use Internet as their main doorway to infect a new system, it has become imperative for security vendors to provide cloud-based solutions that can filter and block malicious URLs. This paper presents different practical considerations related to this problem. The key points that we focus on are the usage of different machine learning techniques and unsupervised learning...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.