A Method of Detecting Abnormal Malicious Remote Control Codes using Network Domain Information
- Authors
- Oh, Hyung-Geun; Seo, Jung-Taek; Lim, Jong In; Moon, Jong-sub
- Issue Date
- 5월-2012
- Publisher
- INT INFORMATION INST
- Keywords
- Remote Control Malware; Abnormal Malicious Code; Domain Name Information; Abnormal Network Connection; Extrusion Detection; Intrusion Detection
- Citation
- INFORMATION-AN INTERNATIONAL INTERDISCIPLINARY JOURNAL, v.15, no.5, pp.2181 - 2192
- Indexed
- SCIE
SCOPUS
- Journal Title
- INFORMATION-AN INTERNATIONAL INTERDISCIPLINARY JOURNAL
- Volume
- 15
- Number
- 5
- Start Page
- 2181
- End Page
- 2192
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/108493
- ISSN
- 1343-4500
- Abstract
- Since the malicious code used in the latest APT (Advanced Persistent Threat) attacks new, hitherto unknown security, vulnerabilities, it is almost impossible to detect with the conventional pattern-based information security system. Consequently, various targeted attacks such as internal data leakage and system demolition have inflicted great damage, thereby raising the need for a new concept of malicious code detection. This paper proposes a new method of detecting abnormal connections by observing the status of connection of an attack system connected to a target system over the network. This method can detect the connection of new malicious codes very efficiently using only the existing network data, and can intercept the leakage of internal data or the transfer of attack commands.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
- College of Science and Technology > Department of Electronics and Information Engineering > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.