Storytelling Security: User-Intention Based Traffic Sanitization

Malicious software (malware) with decentralized communication infrastructure, such as peer-to-peer botnets, is difficult to detect. In this paper, the authors describe a traffic-sanitization method for identifying malware-triggered outbound connections from a personal computer. The solution correlates user activities with the content of outbound traffic. The key observation is that user-initiated outbound traffic typically has corresponding human inputs, i.e., keystrokes or mouse clicks. Analyzing the causal relations between user inputs and packet payloads enables efficient enforcement of inter-packet dependency at the application level.

Provided by: Virginia Polytechnic Institute and State University
Topic: Collaboration
Date Added: Nov 2010
Format: PDF
