Malware distributed collection and pre-classification system using honeypot technology

Bibliographic details
Main author: Grégio, André R. A.
Publication date: 2009
Other authors: Oliveira, Isabela L. [UNESP], Santos, Rafael D. C., Cansian, Adriano M. [UNESP], DeGeus, Paulo L.
Document type: Conference paper
Language: eng
Source title: Repositório Institucional da UNESP
Full text: http://dx.doi.org/10.1117/12.818310
http://hdl.handle.net/11449/71036
Abstract: Malware has become a major threat in the last years due to the ease of spread through the Internet. Malware detection has become difficult with the use of compression, polymorphic methods and techniques to detect and disable security software. Those and other obfuscation techniques pose a problem for detection and classification schemes that analyze malware behavior. In this paper we propose a distributed architecture to improve malware collection using different honeypot technologies to increase the variety of malware collected. We also present a daemon tool developed to grab malware distributed through spam and a pre-classification technique that uses antivirus technology to separate malware in generic classes. © 2009 SPIE.
Affiliations: Institute of Computing, University of Campinas (UNICAMP), Campinas, SP; UNESP - Universidade Estadual Paulista, Sao Paulo State University, Sao Jose do Rio Preto Campus; Computing and Applied Mathematics Lab., National Institute for Space Research (INPE), São José dos Campos, SP
Subjects: Honeyclients; Honeypots; Information systems security; Malicious software; Malware collection; Computer software; Information management; Information systems; Internet; Intrusion detection; Mining; Computer crime
Dates: 2009-06-15; 2014-05-27T11:23:55Z
Status: publishedVersion
Published in: Proceedings of SPIE - The International Society for Optical Engineering, v. 7344.
ISSN: 0277-786X
DOI: 10.1117/12.818310
Other identifiers: 2-s2.0-66749173635; 0095921943345974; 0000-0003-4494-1454
Rights: openAccess
Record source: Scopus