Malware Research (Pragmatic and starting to be Academic) 07/03/13 v0.3.01 3/4


1. Exploits / Buffer Overflows

2. Rootkits

2.1. Zeroaccess / TDL3

3. Industrial Network Malware

3.1. Stuxnet

4. Botnets

4.1. Relevant Papers

4.1.1. Botnet Detection Systems

4.1.1.1. Gu et al. 2006-8

4.1.1.1.1. "BotHunter" Payload Byte-Frequency Analysis (Gu, Porras, et al. 2007)

4.1.1.1.2. BotMiner

4.1.1.1.3. BotSniffer

5. Indicators of Infection

5.1. Network Packet Analysis

5.1.1. Frequency Analysis

5.2. Security Information & Event Monitoring (SIEM) Systems

5.2.1. Log Analysis

5.2.1.1. Application

5.2.1.2. Audit

5.2.1.2.1. Authentication

5.2.1.2.2. Installation

5.3. Memory Analysis

5.3.1. Process Tree

5.3.2. Process Memory

5.3.3. Full Dump Analysis

5.3.4. Process Core Crash Dump Analysis

5.4. File Changes

5.4.1. Hash-on-Execute Correlation

5.4.2. Periodic Validity/Version Checks

5.5. System Call

5.5.1. Frequency Analysis

5.5.2. Process-SysCall Correlation Analysis