Title :
Revealing and analysing modem malware
Author :
Celeda, Pavel ; Krejci, Radek ; Krmicek, Vojtech
Author_Institution :
Inst. of Comput. Sci., Masaryk Univ., Brno, Czech Republic
Abstract :
Malware targeting broadband devices like ADSL modems, routers and wireless access points is very frequent in recent days. In this paper, we provide a formal description of modem malware life cycle. Furthermore, we propose a set of techniques to perform detailed analysis of infected modem and we provide the binary samples of modem malware at our web repository. Description of the modem malware evolution is also included. Based on our experiences with analysing and monitoring modem malware, we report on long-term statistics of modem malware activities in campus network including a discovery of new botnet. We propose NetFlow based detection method to reveal the modem malware spreading.
Keywords :
invasive software; ADSL modems; NetFlow based detection method; Web repository; botnet; broadband devices; campus network; formal description; long-term statistics; modem malware life cycle; modem malware spreading; routers; wireless access points; IP networks; Malware; Modems; Random access memory; Servers; ISP; Linux; MIPSel; NetFlow; botnet; malware; modem; monitoring; network; security;
Conference_Titel :
Communications (ICC), 2012 IEEE International Conference on
Conference_Location :
Ottawa, ON
Print_ISBN :
978-1-4577-2052-9
Electronic_ISBN :
1550-3607
DOI :
10.1109/ICC.2012.6364598
