Rezaeirad et al., 2018 - Google Patents

Schrödinger's RAT: Profiling the stakeholders in the remote access trojan ecosystem

Rezaeirad et al., 2018

Document ID
7820794555919480352
Author
Rezaeirad M
Farinholt B
Dharmdasani H
Pearce P
Levchenko K
McCoy D
Publication year
Publication venue
27th USENIX Security Symposium (USENIX Security 18)

Snippet

Remote Access Trojans (RATs) are a class of malware that give an attacker direct, interactive access to a victim's personal computer, allowing the attacker to steal private data stored on the machine, spy on the victim in real-time using the camera and microphone, and …

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/563 Static detection by source code analysis
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82 Protecting input, output or interconnection devices
    • G06F21/83 Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86 Secure or tamper-resistant housings
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101 Auditing as a secondary aspect
    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRICAL DIGITAL DATA PROCESSING
    • G06F1/00 Details of data-processing equipment not covered by groups G06F3/00 - G06F13/00, e.g. cooling, packaging or power supply specially adapted for computer application
    • G06F1/16 Constructional details or arrangements
    • G06F1/18 Packaging or power distribution
    • G06F1/181 Enclosures

Similar Documents

Publication Publication Date Title
US20220224708A1 (en) Malware detection using watermark cookies
US10764313B1 (en) Method and system for protection against network-based cyber threats
Rezaeirad et al. Schrödinger’s RAT: Profiling the stakeholders in the remote access trojan ecosystem
Antonakakis et al. Understanding the mirai botnet
US9832213B2 (en) System and method for network intrusion detection of covert channels based on off-line network traffic
US10853484B2 (en) Cookies watermarking in malware analysis
Khera et al. Analysis and impact of vulnerability assessment and penetration testing
Velu et al. Mastering Kali Linux for Advanced Penetration Testing: Secure your network with Kali Linux 2019.1 – the ultimate white hat hackers' toolkit
Stone-Gross et al. Your botnet is my botnet: analysis of a botnet takeover
CN106982188B (en) Malicious propagation source detection method and device
CN114402567A (en) Online detection of algorithmically generated domains
Almarri et al. Optimised malware detection in digital forensics
Yamada et al. RAT-based malicious activities detection on enterprise internal networks
Stiawan et al. Penetration Testing and Mitigation of Vulnerabilities Windows Server.
Darki et al. RIoTMAN: a systematic analysis of IoT malware behavior
Vetterl Honeypots in the age of universal attacks and the Internet of Things
Velu Mastering Kali Linux for advanced penetration testing
Masarweh et al. Threat led advanced persistent threat penetration test
Davanian et al. MalNet: A binary-centric network-level profiling of IoT malware
Cabaj et al. Practical problems of internet threats analyses
Rossow Using Malware Analysis to Evaluate Botnet Resilience
Bernardo Targeted attack detection by means of free and open source solutions
Farinholt Understanding the Remote Access Trojan malware ecosystem through the lens of the infamous DarkComet RAT
US20240333759A1 (en) Inline ransomware detection via server message block (smb) traffic
Bove Using honeypots to detect and analyze attack patterns on cloud infrastructures