{"title":"基于在线社交网络的早期恶意软件特征描述","authors":"Alireza Sadighian, Ines Abbes, Gabriele Oligeri","doi":"10.1109/CommNet60167.2023.10365252","DOIUrl":null,"url":null,"abstract":"Online social networks (OSNs) spread information worldwide and in a fast and effective way. Given the terrific number of sources, OSNs can be used for event forecasting and its characterization. Although the vast majority of information is noise, OSNs can be a source of data for the early detection and characterization of malware spreading-this representing a significant advantage for the defense team, which can be informed much in advance of when the malware affects the system. In this paper, we propose an early malware characterization technique that combines statistical analysis with Natural Language Processing (NLP). Using this approach, we analyze various malware behaviors over time and discover their characteristics, such as target system types, target applications, vulnerabilities, locations, propagation scale, etc., in order to appropriately prevent/detect/mitigate their malicious activities and implement suitable actions effectively. We tested and evaluated our approach on a dataset collected from Twitter that includes widespread ransomware indicators. The results show that our approach is effective in early characterizing various types of malware, thus can be considered as one of the first line of defense.","PeriodicalId":505542,"journal":{"name":"2023 6th International Conference on Advanced Communication Technologies and Networking (CommNet)","volume":"23 4","pages":"1-8"},"PeriodicalIF":0.0000,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Early Malware Characterization based on Online Social Networks\",\"authors\":\"Alireza Sadighian, Ines Abbes, Gabriele Oligeri\",\"doi\":\"10.1109/CommNet60167.2023.10365252\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Online social networks (OSNs) spread information worldwide and in a fast and effective way. Given the terrific number of sources, OSNs can be used for event forecasting and its characterization. Although the vast majority of information is noise, OSNs can be a source of data for the early detection and characterization of malware spreading-this representing a significant advantage for the defense team, which can be informed much in advance of when the malware affects the system. In this paper, we propose an early malware characterization technique that combines statistical analysis with Natural Language Processing (NLP). Using this approach, we analyze various malware behaviors over time and discover their characteristics, such as target system types, target applications, vulnerabilities, locations, propagation scale, etc., in order to appropriately prevent/detect/mitigate their malicious activities and implement suitable actions effectively. We tested and evaluated our approach on a dataset collected from Twitter that includes widespread ransomware indicators. The results show that our approach is effective in early characterizing various types of malware, thus can be considered as one of the first line of defense.\",\"PeriodicalId\":505542,\"journal\":{\"name\":\"2023 6th International Conference on Advanced Communication Technologies and Networking (CommNet)\",\"volume\":\"23 4\",\"pages\":\"1-8\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-12-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 6th International Conference on Advanced Communication Technologies and Networking (CommNet)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CommNet60167.2023.10365252\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 6th International Conference on Advanced Communication Technologies and Networking (CommNet)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CommNet60167.2023.10365252","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
在线社交网络(OSN)以快速有效的方式在全球范围内传播信息。鉴于信息来源的巨大数量,OSN 可用于事件预测及其特征描述。虽然绝大多数信息都是噪音,但 OSN 可以成为早期检测和鉴定恶意软件传播的数据源,这对防御团队来说是一个重大优势,因为他们可以在恶意软件影响系统之前提前获得信息。在本文中,我们提出了一种结合统计分析和自然语言处理(NLP)的早期恶意软件特征描述技术。利用这种方法,我们可以分析恶意软件在一段时间内的各种行为,发现它们的特征,如目标系统类型、目标应用程序、漏洞、位置、传播规模等,从而适当地预防/检测/缓解它们的恶意活动,并有效地实施适当的行动。我们在从 Twitter 收集的数据集上测试并评估了我们的方法,该数据集包含了广泛的勒索软件指标。结果表明,我们的方法能有效地对各种类型的恶意软件进行早期特征描述,因此可被视为第一道防线之一。
Early Malware Characterization based on Online Social Networks
Online social networks (OSNs) spread information worldwide and in a fast and effective way. Given the terrific number of sources, OSNs can be used for event forecasting and its characterization. Although the vast majority of information is noise, OSNs can be a source of data for the early detection and characterization of malware spreading-this representing a significant advantage for the defense team, which can be informed much in advance of when the malware affects the system. In this paper, we propose an early malware characterization technique that combines statistical analysis with Natural Language Processing (NLP). Using this approach, we analyze various malware behaviors over time and discover their characteristics, such as target system types, target applications, vulnerabilities, locations, propagation scale, etc., in order to appropriately prevent/detect/mitigate their malicious activities and implement suitable actions effectively. We tested and evaluated our approach on a dataset collected from Twitter that includes widespread ransomware indicators. The results show that our approach is effective in early characterizing various types of malware, thus can be considered as one of the first line of defense.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
