-
Header: christian-rossow.de
-
Apply for a PostDoc position in my System Security research group at CISPA, Germany.

https://www.christian-rossow.de

If you can't explain it simply, you don't understand it well enough.

Report - Sandnet: Network Traffic Analysis of Malicious Software

As part of my PhD and in collaboration with colleages from if(is), I developed a system called Sandnet to analyze the network traffic of malicious software. Last week I presented Sandnet at the ACM BADGERS Workshop in Salzburg, Vienna.

Malicious software has become one of the biggest threats to the Internet security. During the last years, researchers have started to dynamically analyze malware, i.e. to execute viruses in so called contained environments and observe the behavior of the malware. While most of these systems focus on analyzing the host behavior, we developed a system called Sandnet with a strong focus on the network behavior of malware. Sandnet is in place at if(is) since 2010 and we analyzed more than distinct 100,000 malware as of April 2011. Its official website is here.

Last week I presented first results of Sandnet at the ACM BADGERS Workshop in Salzburg, Vienna. The feedback we have received was very positive and I had the chance to meet other very interesting researchers in the same field. As a next step of research, we are going to cluster malware based on its network behavior.


Yours

Christian

-
» CISPA Helmholtz Center for Information Security » SysSec Research Group » Solarpark » Legal Notice / Data Protection
-