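% Conference paper: detection of drive-by downloads by matching hashes of files
% seen in network traffic against a blacklist of malicious file hashes
% (summary taken from the abstract published with this record).
% NOTE(review): blacklist matching on MD5/SHA1/SHA256 flags only files whose
% hash is already listed; cite it as known-sample detection.
% NOTE(review): address and location both give Hyderabad, which may be the
% conference venue rather than the publisher's city -- confirm against the volume.
% NOTE(review): the author names are UTF-8; process with Biber or convert them
% to LaTeX accent escapes for classic 8-bit BibTeX.
@inproceedings{1310627,
  author       = {Ghafir, Ibrahim and Přenosil, Václav},
  editor       = {Suresh Chandra Satapathy and K. Srujan Raju and Jyotsna Kumar Mandal and Vikrant Bhateja},
  title        = {Malicious File Hash Detection and Drive-by Download Attacks},
  booktitle    = {Proceedings of the Second International Conference on Computer and Communication Technologies},
  series       = {Advances in Intelligent Systems and Computing},
  publisher    = {Springer},
  address      = {Hyderabad},
  location     = {Hyderabad},
  year         = {2016},
  pages        = {661--669},
  isbn         = {978-81-322-2516-4},
  doi          = {10.1007/978-81-322-2517-1_63},
  url          = {http://link.springer.com/chapter/10.1007/978-81-322-2517-1_63},
  howpublished = {tištěná verze "print"},
  language     = {eng},
  keywords     = {cyber attacks; botnet; malware; malicious file hash; intrusion detection system},
}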
TY  - JOUR
ID  - 1310627
AU  - Ghafir, Ibrahim
AU  - Přenosil, Václav
PY  - 2016
TI  - Malicious File Hash Detection and Drive-by Download Attacks
PB  - Springer
CY  - Hyderabad
SN  - 9788132225164
KW  - cyber attacks
KW  - botnet
KW  - malware
KW  - malicious file hash
KW  - intrusion detection system
UR  - http://link.springer.com/chapter/10.1007/978-81-322-2517-1_63
L2  - http://link.springer.com/chapter/10.1007/978-81-322-2517-1_63
N2  - Malicious web content has become the essential tool used by cybercriminals to accomplish their attacks on the Internet. In addition, attacks that target web clients, in comparison to infrastructure components, have become prevalent. Malware drive-by downloads are a recent challenge, as their spread appears to be increasing substantially in malware distribution attacks. In this paper we present our methodology for detecting any malicious file downloaded by one of the network hosts. Our detection method is based on a blacklist of malicious file hashes. We process the network traffic, analyze all connections, and calculate MD5, SHA1, and SHA256 hash for each new file seen being transferred over a connection. Then we match the calculated hashes with the blacklist. The blacklist of malicious file hashes is automatically updated each day and the detection is in the real time.
ER  - 
GHAFIR, Ibrahim and Václav PŘENOSIL. Malicious File Hash Detection and Drive-by Download Attacks. In Suresh Chandra Satapathy, K. Srujan Raju, Jyotsna Kumar Mandal, Vikrant Bhateja. \textit{Proceedings of the Second International Conference on Computer and Communication Technologies, series Advances in Intelligent Systems and Computing}. Hyderabad: Springer, 2016, p.~661--669. ISBN~978-81-322-2516-4. Available from: https://dx.doi.org/10.1007/978-81-322-2517-1\_{}63.