Visualizing a Malware Distribution Network

Sebastian Peryt, Jose Andre Morales, William Casey, Aaron Volkmann, Bud Mishra, Yang Cai

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In this paper, we present a case study of visual analytics of a Malware Distribution Network (MDN), a connected set of maliciously compromised domains used to disseminate malicious software to victimize computers and users. We formally define the graph of an MDN to visualize top-level-domain (TLD) data collected from Google Safe Browsing reports in a temporal manner characterizing the topological structure. From the collected data, we were able to identify and label a TLD's role in malware distribution. The visual analytics provided insights on the topological structure of MDNs over time including highly connected and persistent TLDs and subnetworks.

Original language: English (US)
Title of host publication: 2016 IEEE Symposium on Visualization for Cyber Security, VizSec 2016
Editors: Diane Staheli, Lane Harrison, Nicolas Prigent, Daniel M. Best, Sophie Engle
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781509016051
State: Published - Nov 8 2016
Event: 2016 IEEE Symposium on Visualization for Cyber Security, VizSec 2016 - Baltimore, United States
Duration: Oct 24 2016 → …

Publication series

Name: 2016 IEEE Symposium on Visualization for Cyber Security, VizSec 2016

Other

Other: 2016 IEEE Symposium on Visualization for Cyber Security, VizSec 2016
Country: United States
City: Baltimore
Period: 10/24/16 → …

Keywords

  • Google Safe Browsing
  • behavioral graph
  • malware
  • malware distribution network
  • top-level domain
  • visualization

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Media Technology
  • Modeling and Simulation
