Visualizing a Malware Distribution Network

Sebastian Peryt; Jose Andre Morales; William Casey; Aaron Volkmann; Bud Mishra; Yang Cai

doi:10.1109/VIZSEC.2016.7739585

2016 IEEE Symposium on Visualization for Cyber Security (VizSec)

Visualizing a Malware Distribution Network

Year: 2016, Pages: 1-4

DOI Bookmark: 10.1109/VIZSEC.2016.7739585

Authors

Sebastian Peryt, Cylab-CIT and SCS Carnegie Mellon Univ.
Jose Andre Morales, SEI-CERT Carnegie Mellon Univ.
William Casey, SEI-CERT Carnegie Mellon Univ.
Aaron Volkmann, SEI-CERT Carnegie Mellon Univ.
Bud Mishra, Courant Institute New York Univ.
Yang Cai, Cylab-CIT and SCS Carnegie Mellon Univ.

Abstract

In this paper, we present a case study of visual analytics of a Malware Distribution Network (MDN), a connected set of maliciously compromised domains used to disseminate malicious software to victimize computers and users. We formally define the graph of an MDN to visualize top-level-domain (TLD) data collected from Google Safe Browsing reports in a temporal manner characterizing the topological structure. From the collected data, we were able to identify and label a TLD's role in malware distribution. The visual analytics provided insights on the topological structure of MDNs over time including highly connected and persistent TLDs and subnetworks.

A Focus + Context Technique for Visualizing a Document Collection
2012 45th Hawaii International Conference on System Sciences
Design and Analysis of a New Feature-Distributed Malware
2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
The goods, the bads and the uglies: Supporting decisions in malware detection through visual analytics
2017 IEEE Symposium on Visualization for Cyber Security (VizSec)
Classification of Malware Using Visualisation of Similarity Matrices
2017 Cybersecurity and Cyberforensics Conference (CCC)
A Forensic Analysis of Android Malware -- How is Malware Written and How it Could Be Detected?
2014 IEEE 38th Annual Computer Software and Applications Conference (COMPSAC)
Detecting malicious landing pages in Malware Distribution Networks
2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
Android Malware Detection via Graphlet Sampling
IEEE Transactions on Mobile Computing
Ares: Triggering Payload of Evasive Android Malware
2018 IEEE/ACM 5th International Conference on Mobile Software Engineering and Systems (MOBILESoft)
A convolutional neural network based Android malware detection method with dynamic fine-tuning
2022 32nd International Telecommunication Networks and Applications Conference (ITNAC)
RmvDroid: Towards A Reliable Android Malware Dataset with App Metadata
2019 IEEE/ACM 16th International Conference on Mining Software Repositories (MSR)

Visualizing a Malware Distribution Network

Authors

Abstract

Related Articles