Real-time detection of malware activities by analyzing darknet traffic using graphical lasso

Chansu Han, Jumpei Shimamura, Takeshi Takahashi, Daisuke Inoue, Masanori Kawakita, Jun'Ichi Takeuchi, Koji Nakao

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution

2 Citations (Scopus)

Abstract

Recent malware evolutions have rendered cyberspace less secure, and we are currently witnessing an increasing number of severe security incidents. To minimize the impact of malware activities, it is important to detect them promptly and precisely. We have been working on this issue by monitoring traffic coming into unused IP address spaces, i.e., the darknet. On our darknet, Internet-wide scans from malware are observed as if they are coordinated or working cooperatively. Based on this observation, our earlier method monitored network traffic arriving at our darknet, estimated the degree of cooperation between each pair of the source hosts, and detected significant changes in cooperation among source hosts as a sign of newly activated malware activities. However, this method does not work in real time, and thus, it is impractical. In this study, we extend our earlier work and propose an online processing algorithm, making it possible to detect malware activities in real time. In our evaluation, we measure the detection performance of the proposed method with our proof-of-concept implementation to demonstrate its feasibility and effectiveness in terms of detecting the rise of new malware activities in real time.

Original language: English
Title of host publication: Proceedings - 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering, TrustCom/BigDataSE 2019
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 144-151
Number of pages: 8
ISBN (Electronic): 9781728127767
DOI
Publication status: Published - Aug 2019
Event: 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering, TrustCom/BigDataSE 2019 - Rotorua, New Zealand
Duration: 5 Aug 2019 to 8 Aug 2019

Publication series

Name: Proceedings - 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering, TrustCom/BigDataSE 2019

Conference

Conference: 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering, TrustCom/BigDataSE 2019
Country: New Zealand
City: Rotorua
Period: 8/5/19 to 8/8/19

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Software
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
  • Artificial Intelligence
