DocumentCode
3515721
Title
Analyzing the process of installing rogue software
Author
Berthier, Robin ; Arjona, Jorge ; Cukier, Michel
Author_Institution
Dept. of Mech. Eng., Univ. of Maryland, College Park, MD, USA
fYear
2009
fDate
June 29 2009-July 2 2009
Firstpage
560
Lastpage
565
Abstract
This practical experience report presents the results of an experiment aimed at understanding the sequence of malicious actions following a remote compromise. The type of rogue software installed during attacks was used to classify and understand sequences of malicious actions. For this experiment, we used four Linux target computers running SSH with simple passwords. During the eight-month data collection period, we recorded a total of 1,171 attack sessions. In these sessions, attackers typed a total of 20,335 commands that we categorized into 24 specific actions. These actions were analyzed based on the type of rogue software installed by attackers.
Keywords
Linux; security of data; Linux target computers; malicious actions; rogue software installation; Computer networks; Computerized monitoring; Educational institutions; Information analysis; Linux; Mechanical engineering; Military computing; Radio access networks; Risk analysis; Telecommunications;
fLanguage
English
Publisher
ieee
Conference_Titel
Dependable Systems & Networks, 2009. DSN '09. IEEE/IFIP International Conference on
Conference_Location
Lisbon
Print_ISBN
978-1-4244-4422-9
Electronic_ISBN
978-1-4244-4421-2
Type
conf
DOI
10.1109/DSN.2009.5270293
Filename
5270293
Link To Document