Yeh et al., 2015 - Google Patents
An Automated Framework for Command and Control Server Connection and Malicious Mail DetectionYeh et al., 2015
View PDF- Document ID
- 8538250864643722704
- Author
- Yeh L
- Tsai Y
- Publication year
- Publication venue
- ICNS 2015
External Links
Snippet
In recent Internet development, the amount of malware has increased significantly. There are more and more methods that hackers can use to infect personal computers to send spam mails, steal personal information, and launch Distributed Denial of Service (DDoS) …
- 238000001514 detection method 0 title description 6
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/567—Computer malware detection or handling, e.g. anti-virus arrangements using dedicated hardware
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10084791B2 (en) | Evaluating a questionable network communication | |
| EP2147390B1 (en) | Detection of adversaries through collection and correlation of assessments | |
| US10542006B2 (en) | Network security based on redirection of questionable network access | |
| He et al. | Mobile application security: malware threats and defenses | |
| Banu et al. | A comprehensive study of phishing attacks | |
| US7953969B2 (en) | Reduction of false positive reputations through collection of overrides from customer deployments | |
| Kirda et al. | Client-side cross-site scripting protection | |
| US8181250B2 (en) | Personalized honeypot for detecting information leaks and security breaches | |
| Sood et al. | An empirical study of HTTP-based financial botnets | |
| GB2534459A (en) | Improving security of computer resources | |
| JP2008532133A (en) | System and method for detecting and mitigating DNS camouflaged Trojans | |
| Soltani et al. | A survey on real world botnets and detection mechanisms | |
| Chhikara et al. | Phishing & anti-phishing techniques: Case study | |
| Hindocha et al. | Malicious threats and vulnerabilities in instant messaging | |
| US20180316697A1 (en) | Method of aiding the detection of infection of a terminal by malware | |
| Yeh et al. | An Automated Framework for Command and Control Server Connection and Malicious Mail Detection | |
| Lee et al. | Threats Hidden in Office Network: Mechanism of Credential Harvesting for Lateral Movement. | |
| Sheikh et al. | Mitigating BOT-based methods for email address harvesting and spamming | |
| Ali | Social Engineering: Phishing latest and future techniques | |
| Xie et al. | Secure instant messaging in enterprise-like networks | |
| CN114297650B (en) | Data flow protection method and device based on application system | |
| Chen et al. | An overview of electronic attacks | |
| US20250047687A1 (en) | Detecting and protecting claimable non-existent domains | |
| Liakopoulos | Malware analysis & C2 covert channels | |
| Saxena | Latest Techniques Used to Detect the Botnet |