Open Access. Powered by Scholars. Published by Universities.®
Databases and Information Systems Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Work at Verisign Labs (2)
- Access level (1)
- Access rights (1)
- Computer security (1)
- Data protection (1)
-
- Data security (1)
- Domain (1)
- Drive by downloads (1)
- Dynamic DNS (1)
- Dynamic execution (1)
- Information systems (1)
- MIS security (1)
- Machine learning (1)
- Malcode (1)
- Malware (1)
- Management Information Systems (1)
- Management information system (1)
- Registrar (1)
- Sandboxing (1)
- Threat indicators (1)
- URL (1)
- Vulnerability (1)
- Web rendering (1)
- Web security (1)
- Publication
Articles 1 - 3 of 3
Full-Text Articles in Databases and Information Systems
Adam: Automated Detection And Attribution Of Malicious Webpages, Ahmed E. Kosba, Aziz Mohaisen, Andrew G. West, Trevor Tonn, Huy Kang Kim
Adam: Automated Detection And Attribution Of Malicious Webpages, Ahmed E. Kosba, Aziz Mohaisen, Andrew G. West, Trevor Tonn, Huy Kang Kim
Andrew G. West
Malicious webpages are a prevalent and severe threat in the Internet security landscape. This fact has motivated numerous static and dynamic techniques to alleviate such threats. Building on this existing literature, this work introduces the design and evaluation of ADAM, a system that uses machine-learning over network metadata derived from the sandboxed execution of webpage content. ADAM aims to detect malicious webpages and identify the nature of those vulnerabilities using a simple set of features. Machine-trained models are not novel in this problem space. Instead, it is the dynamic network artifacts (and their subsequent feature representations) collected during rendering that …
Metadata-Driven Threat Classification Of Network Endpoints Appearing In Malware, Andrew G. West, Aziz Mohaisen
Metadata-Driven Threat Classification Of Network Endpoints Appearing In Malware, Andrew G. West, Aziz Mohaisen
Andrew G. West
Networked machines serving as binary distribution points, C&C channels, or drop sites are a ubiquitous aspect of malware infrastructure. By sandboxing malcode one can extract the network endpoints (i.e., domains and URL paths) contacted during execution. Some endpoints are benign, e.g., connectivity tests. Exclusively malicious destinations, however, can serve as signatures enabling network alarms. Often these behavioral distinctions are drawn by expert analysts, resulting in considerable cost and labeling latency.
Leveraging 28,000 expert-labeled endpoints derived from ~100k malware binaries this paper characterizes those domains/URLs towards prioritizing manual efforts and automatic signature generation. Our analysis focuses on endpoints' static metadata properties …
How To Implement Access Rights In An Mis Project, Umakant Mishra
How To Implement Access Rights In An Mis Project, Umakant Mishra
Umakant Mishra
The MIS data is critical to an organization and should be protected from misuse by wrong persons. Although The MIS data is typically meant for the senior managers each MIS report may not be required by every manager. The access to MIS data is determined by the role of an individual in the organization and controlled by the MIS administrator accordingly. The access is generally determined by the following parameters, (a) the type of user (such as staff or manager etc.), (b) the type of data (whether general data or managerial data), (c) level of access (read/ write/ admin access) …