
ANALYSIS OF WEB-BASED BOT MALWARE INFECTION

Louena L. Manluctao, East Early College High School, Houston Independent School District. Dr. Guofei Gu, Assistant Professor, Department of Computer Science & Engineering; Director, SUCCESS LAB, Texas A&M University.


Presentation Transcript


  1. ANALYSIS OF WEB-BASED BOT MALWARE INFECTION • Louena L. Manluctao • East Early College High School • Houston Independent School District • Dr. Guofei Gu • Assistant Professor • Department of Computer Science & Engineering • Director, SUCCESS LAB • TEXAS A & M University

  2. Dr. Guofei Gu • EDUCATION • Ph.D. in Computer Science • Georgia Institute of Technology • M.S. in Computer Science • Fudan University

  3. Research interest • Network and system security such as Internet malware detection, defense, and analysis • Intrusion detection, anomaly detection • Network security • Web and social networking security

  4. Success LAB • Success Lab Students • PhD • Seungwon Shin • Chao Yang • Zhaoyan Xu • Jialong Zhang • MS • Robert Harkreader • Shardul Vikram • Vijayasenthil VC • Lingfeng Chen • Alumni • Yimin Song (MS, first employment: Juniper Networks)

  5. Network & Web Security • Botnet Analysis: Conficker • Seungwon Shin and Guofei Gu. "Conficker and Beyond: A Large-Scale Empirical Study." To appear in Proceedings of 2010 Annual Computer Security Applications Conference (ACSAC'10), Austin, Texas, December 2010. • Seungwon Shin

  6. Network & Web Security • Botnet Analysis: Conficker • Seungwon Shin, Raymond Lin, Guofei Gu. "Cross-Analysis of Botnet Victims: New Insights and Implications." To appear in Proceedings of the 14th International Symposium on Recent Advances in Intrusion Detection (RAID 2011), Menlo Park, California, September 2011. • Seungwon Shin

  7. Wireless Security • Rogue Access Point Detection • Yimin Song, Chao Yang, Guofei Gu. "Who Is Peeping at Your Passwords at Starbucks? -- To Catch an Evil Twin Access Point." In Proceedings of the 40th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'10), Chicago, IL, June 2010. • Chao Yang

  8. Social Networking Website Security • Twitter Spammer Accounts Detection • Chao Yang, Robert Harkreader, Guofei Gu. "Die Free or Live Hard? Empirical Evaluation and New Design for Fighting Evolving Twitter Spammers." To appear in Proceedings of the 14th International Symposium on Recent Advances in Intrusion Detection (RAID 2011), Menlo Park, California, September 2011. • Chao Yang

  9. Malware Analysis • Analysis of binary code and source code • Dynamic Analysis • Static Analysis • Reverse Engineering • Protocol • Semantics • Zhaoyan Xu

  10. Intrusion and Detection System • Enterprise Network Security • Assist us with computer terms • Jialong Zhang

  11. Applied cryptography • The art of secret writing • Converts data into unintelligible (random-looking) form • Must be reversible (recover original data without loss or modification)

  12. Encryption/Decryption • Plaintext: a message in its original form • Ciphertext: a message in the transformed, unrecognized form • Encryption: the process that transforms a plaintext into a ciphertext • Decryption: the process that transforms a ciphertext to the corresponding plaintext • Key: the value used to control encryption/decryption

  13. Probability and statistics

  14. Probability and statistics

  15. Relevance of the research • To solve practical security problems • Internet malware detection, defense, and analysis • Intrusion detection, anomaly detection • Network security • Web and social networking security • To help protect society and the country from threats to national security

  16. Research activity

  17. Purpose of botnet taxonomy • Help researchers identify the type of responses that are most effective against botnets • Design goals • Assist the defenders in identifying possible types of botnets • Describe key properties of botnet classes

  18. Key metrics for botnet structures: botnet effectiveness • Estimate of overall utility. Measure the largest number of bots that can receive instructions and participate in an attack. • Average amount of bandwidth that a bot can contribute, denoted by B.

  19. Botnet efficiency • Network diameter is one means of expressing this efficiency. • This is the average geodesic length of a network.

  20. Botnet robustness • Clustering coefficient measures the average degree of local transitivity. • The transitivity measure index generally captures the robustness of a botnet

  21. Botnet network models: Erdos-Renyi random graph models • Random graphs are created to avoid creating predictable flows. • In a random graph, each node is connected with equal probability to the other N-1 nodes. • The chance that a bot has a degree of k is the binomial distribution:

  22. Acknowledgements • Texas A&M University • Dr. Guofei Gu • National Science Foundation • Nuclear Power Institute • Chevron • Texas Workforce Commission

  23. Wilber Rivas, Math Teacher, Del Rio High School • Chao Yang, PhD Student • Jialong Zhang, PhD Student
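
The three structural metrics from slides 18 to 21 (effectiveness, efficiency, robustness), computed on an Erdos-Renyi random graph so a defender can compare candidate topologies; this is an added example, not part of the original presentation. It assumes effectiveness can be approximated by the size of the largest connected component, and the function names and the parameters `n`, `p` and `seed` are illustrative. The degree formula is the standard binomial for G(n, p), which the slide transcript itself does not reproduce.

```python
# Added example: function names and the parameters n, p, seed are illustrative assumptions.
import random
from collections import deque
from itertools import combinations
from math import comb

def er_graph(n, p, seed=None):
    """G(n, p): every possible link between two nodes exists independently with probability p."""
    rng = random.Random(seed)
    adj = {v: set() for v in range(n)}
    for u, v in combinations(range(n), 2):
        if rng.random() < p:
            adj[u].add(v)
            adj[v].add(u)
    return adj

def bfs_dist(adj, src):
    """Hop count from src to every node reachable from it."""
    dist, queue = {src: 0}, deque([src])
    while queue:
        u = queue.popleft()
        for w in adj[u]:
            if w not in dist:
                dist[w] = dist[u] + 1
                queue.append(w)
    return dist

def giant_component(adj):
    """Effectiveness proxy (assumption): the largest set of mutually reachable nodes."""
    comps = (set(bfs_dist(adj, v)) for v in adj)
    return max(comps, key=len, default=set())

def avg_geodesic(adj, comp):
    """Efficiency: mean shortest-path length over ordered node pairs of one connected component."""
    total = sum(d for s in comp for d in bfs_dist(adj, s).values())
    return total / (len(comp) * (len(comp) - 1)) if len(comp) > 1 else 0.0

def clustering(adj):
    """Robustness: average fraction of each node's neighbour pairs that are themselves linked."""
    total = 0.0
    for nb in adj.values():
        links = sum(1 for a, b in combinations(nb, 2) if b in adj[a])
        total += 2 * links / (len(nb) * (len(nb) - 1)) if len(nb) > 1 else 0.0
    return total / len(adj)

def degree_pmf(n, p, k):
    """Binomial probability that a node of G(n, p) has exactly k links."""
    return comb(n - 1, k) * p**k * (1 - p)**(n - 1 - k)
```

Removing the highest-degree nodes from `adj` and recomputing `giant_component` shows how much of the structure survives a takedown of those nodes, which is the comparison the taxonomy is meant to support.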
