A lustrum of malware network communication: Evolution and insights
Both the operational and academic security communities have used dynamic analysis
sandboxes to execute malware samples for roughly a decade. Network information derived …
sandboxes to execute malware samples for roughly a decade. Network information derived …
A cognitive and concurrent cyber kill chain model
MS Khan, S Siddiqui, K Ferens - Computer and Network Security …, 2018 - Springer
A cyber kill chain is a traditional model to analyze cyber security threats, whether there is a
malware inside a computer system, covert and illegitimate channels found on a network, or …
malware inside a computer system, covert and illegitimate channels found on a network, or …
Threats to online advertising and countermeasures: A technical survey
Online advertising, also known as web advertising or Internet marketing, is the means and
process of promoting products and services on the Internet, and it has been one of the …
process of promoting products and services on the Internet, and it has been one of the …
Malicious URL protection based on attackers' habitual behavioral analysis
In terms of URL-based features, some studies have classified malicious URLs into a group
with the same attributes. However, the malicious URLs are of two different types, each of …
with the same attributes. However, the malicious URLs are of two different types, each of …
EKnad: Exploit Kits' network activity detection
Abstract Web Exploit Kits (EKs) are designed to exploit browsers and browsers plugins
vulnerabilities, in order to serve malware without drawing user's attention. Despite their …
vulnerabilities, in order to serve malware without drawing user's attention. Despite their …
How do they find us? A study of geolocation tracking techniques of malicious web sites
M Mansoori, I Welch - Computers & Security, 2020 - Elsevier
Geolocation cloaking is a process in which varying and customised web content is delivered
to visiting users based on the geographical information derived from the users' system and …
to visiting users based on the geographical information derived from the users' system and …
WebMon: ML-and YARA-based malicious webpage detection
S Kim, J Kim, S Nam, D Kim - Computer Networks, 2018 - Elsevier
Attackers use the openness of the Internet to facilitate the dissemination of malware. Their
attempts to infect target systems via the Web have increased with time and are unlikely to …
attempts to infect target systems via the Web have increased with time and are unlikely to …
LSTM RNN: detecting exploit kits using redirection chain sequences
While consumers use the web to perform routine activities, they are under the constant threat
of attack from malicious websites. Even when visiting 'trusted'sites, there is always a risk that …
of attack from malicious websites. Even when visiting 'trusted'sites, there is always a risk that …
To get lost is to learn the way: Automatically collecting multi-step social engineering attacks on the web
By exploiting people's psychological vulnerabilities, modern web-based social engineering
(SE) attacks manipulate victims to download malware and expose personal information. To …
(SE) attacks manipulate victims to download malware and expose personal information. To …
Cybercrime at a scale: A practical study of deployments of HTTP-based botnet command and control panels
AK Sood, S Zeadally, R Bansal - IEEE Communications …, 2017 - ieeexplore.ieee.org
Cybercriminals deploy botnets for conducting nefarious operations on the Internet. Botnets
are managed on a large scale and harness the power of compromised machines, which are …
are managed on a large scale and harness the power of compromised machines, which are …