Proceedings Paper

Malware distributed collection and pre-classification system using honeypot technology
Author(s): André R. A. Grégio; Isabela L. Oliveira; Rafael D. C. Santos; Adriano M. Cansian; Paulo L. de Geus

Paper Abstract

Malware has become a major threat in recent years due to the ease with which it spreads through the Internet. Malware detection has become difficult with the use of compression, polymorphic methods and techniques to detect and disable security software. These and other obfuscation techniques pose a problem for detection and classification schemes that analyze malware behavior. In this paper we propose a distributed architecture to improve malware collection, using different honeypot technologies to increase the variety of malware collected. We also present a daemon tool developed to grab malware distributed through spam, and a pre-classification technique that uses antivirus technology to separate malware into generic classes.

Paper Details

Date Published: 13 April 2009
PDF: 8 pages
Proc. SPIE 7344, Data Mining, Intrusion Detection, Information Security and Assurance, and Data Networks Security 2009, 73440B (13 April 2009); doi: 10.1117/12.818310
André R. A. Grégio, Univ. of Campinas (Brazil)
Isabela L. Oliveira, Sao Paulo State Univ. (Brazil)
Rafael D. C. Santos, National Institute for Space Research (Brazil)
Adriano M. Cansian, Sao Paulo State Univ. (Brazil)
Paulo L. de Geus, Univ. of Campinas (Brazil)


Published in SPIE Proceedings Vol. 7344:
Data Mining, Intrusion Detection, Information Security and Assurance, and Data Networks Security 2009
Belur V. Dasarathy, Editor(s)

© SPIE.