IEICE Technical Committee Submission System
Conference Paper's Information
Online Proceedings
[Sign in]
Tech. Rep. Archives
 Go Top Page Go Previous   [Japanese] / [English] 

Paper Abstract and Keywords
Presentation 2015-03-04 10:50
Prediction of Malware Activities based on Loopback Address from DNS
Masaki Kamizono (NICT/SecureBrain), Takashi Tomine, Yu Tsuda, Masashi Eto (NICT), Yuji Hoshizawa (Securebrain Corporation), Daisuke Inoue (NICT), Katsunari Yoshioka, Tsutomu Matsumoto (ynu) ICSS2014-80
Abstract (in Japanese) (See Japanese page) 
(in English) During malware dynamic analysis, the analysis system often finds the loopback address in responses of DNS name resolution. They are the results of a countermeasure of service providers in order to mitigate malicious activities by disabling resolution of malicious host names. Meanwhile, recent attackers control malware by applying the loopback address to deactivate them as well as applying actual IP addresses to reactivate them. This research proposes a system to observe DNS responses with the loopback address and analyses the observed responses. Additionally, by focusing on a change of the loopback address in a DNS response, this research verifies the efficiency of dynamic analysis by comparing analysis results before and after the change of the DNS response. Based on the verification, this paper considers a method which derives emerging malicious sites and FQDNs.
Keyword (in Japanese) (See Japanese page) 
(in English) Malware / Malware Dynamic Analysis / DNS / Loopback Address / / / /  
Reference Info. IEICE Tech. Rep., vol. 114, no. 489, ICSS2014-80, pp. 103-108, March 2015.
Paper # ICSS2014-80 
Date of Issue 2015-02-24 (ICSS) 
ISSN Print edition: ISSN 0913-5685    Online edition: ISSN 2432-6380
Copyright
and
reproduction
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034)
Download PDF ICSS2014-80

Conference Information
Committee ICSS  
Conference Date 2015-03-03 - 2015-03-04 
Place (in Japanese) (See Japanese page) 
Place (in English) Meio Univiersity 
Topics (in Japanese) (See Japanese page) 
Topics (in English) Communication Security, etc. 
Paper Information
Registration To ICSS 
Conference Code 2015-03-ICSS 
Language Japanese 
Title (in Japanese) (See Japanese page) 
Sub Title (in Japanese) (See Japanese page) 
Title (in English) Prediction of Malware Activities based on Loopback Address from DNS 
Sub Title (in English)  
Keyword(1) Malware  
Keyword(2) Malware Dynamic Analysis  
Keyword(3) DNS  
Keyword(4) Loopback Address  
Keyword(5)  
Keyword(6)  
Keyword(7)  
Keyword(8)  
1st Author's Name Masaki Kamizono  
1st Author's Affiliation National Institute of Information and Communications Technology/SecureBrain (NICT/SecureBrain)
2nd Author's Name Takashi Tomine  
2nd Author's Affiliation National Institute of Information and Communications Technology (NICT)
3rd Author's Name Yu Tsuda  
3rd Author's Affiliation National Institute of Information and Communications Technology (NICT)
4th Author's Name Masashi Eto  
4th Author's Affiliation National Institute of Information and Communications Technology (NICT)
5th Author's Name Yuji Hoshizawa  
5th Author's Affiliation Securebrain Corporation (Securebrain Corporation)
6th Author's Name Daisuke Inoue  
6th Author's Affiliation National Institute of Information and Communications Technology (NICT)
7th Author's Name Katsunari Yoshioka  
7th Author's Affiliation Yokohama National University (ynu)
8th Author's Name Tsutomu Matsumoto  
8th Author's Affiliation Yokohama National University (ynu)
9th Author's Name  
9th Author's Affiliation ()
10th Author's Name  
10th Author's Affiliation ()
11th Author's Name  
11th Author's Affiliation ()
12th Author's Name  
12th Author's Affiliation ()
13th Author's Name  
13th Author's Affiliation ()
14th Author's Name  
14th Author's Affiliation ()
15th Author's Name  
15th Author's Affiliation ()
16th Author's Name  
16th Author's Affiliation ()
17th Author's Name  
17th Author's Affiliation ()
18th Author's Name  
18th Author's Affiliation ()
19th Author's Name  
19th Author's Affiliation ()
20th Author's Name  
20th Author's Affiliation ()
Speaker Author-1 
Date Time 2015-03-04 10:50:00 
Presentation Time 25 minutes 
Registration for ICSS 
Paper # ICSS2014-80 
Volume (vol) vol.114 
Number (no) no.489 
Page pp.103-108 
#Pages
Date of Issue 2015-02-24 (ICSS) 


[Return to Top Page]

[Return to IEICE Web Page]


The Institute of Electronics, Information and Communication Engineers (IEICE), Japan