Driving in the Cloud: An Analysis of Drive-By Download Operations and Abuse Reporting

Provided by: IMDEA
Topic: Cloud
Format: PDF
Drive-by downloads are the preferred distribution vector for many malware families. In the drive-by ecosystem, many exploit servers run the same exploit kit, and it is a challenge to understand whether a given exploit server is part of a larger operation. In this paper, the authors propose a technique to identify exploit servers managed by the same organization. They build an infrastructure that collects, over time, how exploit servers are configured and what malware they distribute, and they group servers with similar configurations into operations.
