Paper Abstract and Keywords |
Presentation |
2022-03-08 15:30
Verifying concept of personalized malware by investigating end-user environments Daigo Ichikawa, Rui Tanabe, XU Haoyuan, Yoshioka Katsunari, Matsumoto Tsutomu (YNU) ICSS2021-83 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
Personalized malware conducts malicious activities only when it is running on the target environment. Previous studies have proposed an attack scenario in which personalized malware identifies the target machine by using target’s Email address stored in files of desktop applications. It is also shown that PoC samples successfully evade 3 sandbox appliances. In this study, we investigate the environments of 10 lab members and 218 cloud workers from Amazon Mechanical Turk to see if such an attack is realistic. Our PoC sample checks 23 files of 18 applications to see if they contain any Email addresses. We conducted the experiments with the above-mentioned lab and cloud worker environments using the PoC and found that all 9 lab environments and 156 cloud worker environments whose information is successfully collected by the PoC have at least one of the desktop apps installed and therefore the attack scenario is applicable. Moreover, all 9 lab environments are identifiable with the Email addresses extracted by the PoC. These results imply that Email-based personalized malware is realistic. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Security appliance / Sandbox evasion / Advanced Persistent Threat / / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 121, no. 410, ICSS2021-83, pp. 147-152, March 2022. |
Paper # |
ICSS2021-83 |
Date of Issue |
2022-02-28 (ICSS) |
ISSN |
Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ICSS2021-83 |
Conference Information |
Committee |
ICSS IPSJ-SPT |
Conference Date |
2022-03-07 - 2022-03-08 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
Online |
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
Security, Trust, etc. |
Paper Information |
Registration To |
ICSS |
Conference Code |
2022-03-ICSS-SPT |
Language |
Japanese |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
Verifying concept of personalized malware by investigating end-user environments |
Sub Title (in English) |
|
Keyword(1) |
Security appliance |
Keyword(2) |
Sandbox evasion |
Keyword(3) |
Advanced Persistent Threat |
Keyword(4) |
|
Keyword(5) |
|
Keyword(6) |
|
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Daigo Ichikawa |
1st Author's Affiliation |
Yokohama National University (YNU) |
2nd Author's Name |
Rui Tanabe |
2nd Author's Affiliation |
Yokohama National University (YNU) |
3rd Author's Name |
XU Haoyuan |
3rd Author's Affiliation |
Yokohama National University (YNU) |
4th Author's Name |
Yoshioka Katsunari |
4th Author's Affiliation |
Yokohama National University (YNU) |
5th Author's Name |
Matsumoto Tsutomu |
5th Author's Affiliation |
Yokohama National University (YNU) |
6th Author's Name |
|
6th Author's Affiliation |
() |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
Speaker |
Author-1 |
Date Time |
2022-03-08 15:30:00 |
Presentation Time |
20 minutes |
Registration for |
ICSS |
Paper # |
ICSS2021-83 |
Volume (vol) |
vol.121 |
Number (no) |
no.410 |
Page |
pp.147-152 |
#Pages |
6 |
Date of Issue |
2022-02-28 (ICSS) |
|