-
Recent Posts
Recent Comments
Arkadiusz Robiński on HTTP Parameter Pollution. So h… c3ret on HTTP Parameter Pollution. So h… Archives
Categories
Meta
Category Archives: Malware Analysis and Detection
SMTP Dialects, or how to detect bots by looking at SMTP conversations
It is somewhat surprising that, in 2012, we are still struggling fighting spam. In fact, any victory we score against botnets is just temporary, and the spam levels raise again after some time. As an example, the amount of spam … Continue reading
Andrubis: A Tool for Analyzing Unknown Android Applications
We are proud to announce that we have released our brand new extension for Anubis: Andrubis. As the name already suggests, Andrubis is designed to analyze unknown apps for the Android platform (APKs), just like Anubis does for Windows executables. … Continue reading
BotMagnifier: Locating Spambots on the Internet
During the 20th USENIX Security Symposium, which will take place in San Francisco starting August 8, we will present our paper BotMagnifier: Locating Spambots on the Internet. This paper tries to tackle the problem of detecting bot infected machines from … Continue reading
Posted in Botnets, Malware Analysis and Detection
Leave a comment
Peering Through the iFrame
This week we finalized our paper titled “Peering Through the iFrame” that will appear at InfoCom 2011 in Shanghai. In this paper, we present our infiltration of a drive-by-download campaign known as Mebroot that is used to spread several types of … Continue reading
Anubis – Managing a growing, distributed infrastructure for Binary Analysis [Part II]
In part I of this blog post, I summarized how and why the Anubis system has grown into a not only virtually, but also physically distributed analysis service. In part II, I will explain how we tackled the problem of … Continue reading
EXPOSURE: A new service from iSecLab goes online
Last month, in this post, we announced an upcoming service called EXPOSURE which detects domain names that are involved in malicious activities. We perform passive DNS analysis. After a period of testing, finally, we started the beta version of the service. … Continue reading
EXPOSURE, a new upcoming service for finding malicious domains using passive DNS analysis
One of the papers we will be presenting in the upcoming NDSS 2011 conference in San Diego will be Leyla‘s work on detecting malicious DNS domains using large-scale passive DNS analysis. We have used EXPOSURE in practice to automatically detect … Continue reading
Anubis – Managing a growing, distributed infrastructure for Binary Analysis [Part I]
As promised in the last blog-post, I will cover some of the internals of our analysis infrastructure for analyzing unknown binaries (Anubis) in a series of posts. With this article, I would like to make a start in that direction, … Continue reading
News from the Anubis admins
More than three and a half years ago, the Anubis – Analyzing Unknown Binaries – service went online with the following, very first news entry: Friday, February 16th, 2007: We are online! First version of the homepage is online. The … Continue reading
Short report on ACM CCS 2010
Last week, I attended ACM CCS. For the last two years, the conference is being held in Chicago. I think it was a good decision to move. The location in Virginia was always a little difficult to reach, and there … Continue reading