A Study on Collection and Analysis Method of Malicious URLs Based on Darknet Traffic for Advanced Security Monitoring and Response
![]() |
Kim, Kyu-Il
(Korea Institute of Science and Technology Information)
Choi, Sang-So (Korea Institute of Science and Technology Information) Park, Hark-Soo (Korea Institute of Science and Technology Information) Ko, Sang-Jun (Korea Institute of Science and Technology Information) Song, Jung-Suk (Korea Institute of Science and Technology Information) |
1 | Eto, M., Inoue. D., Song, J., Nakazato, J., Ohtaka, K., and Nakao, K., "nicter : A Large-Scale Network Incident Analysis System," Proc. of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security(BADGERS '11), pp. 37-45, Apr. 2011. |
2 | Kim, H., Choi, S., and Song, J., "A Methodology for Multipurpose DNS Sinkhole Analyzing Double Bounce Emails," Proc. on ICONIP 2013, LNCS 8226, pp. 609-616, Nov. 2013. |
3 | Spitzner, L., "The Honeynet Project: trapping the hackers," Magazine of Security & Privacy, IEEE pp.15-23, Mar. 2003. |
4 | Choi, S., Kim, S., and Park, H., "A Fusion Framework of IDS Alerts and Darknet Traffic for Effective Incident Monitoring and Response," Journal of Applied Mathematics & Information Science, pp.245-251, Dec. 2013. |
5 | Egele, M., Scholte, T., Kirda, E., and Kruegel, C., "A survey on automated dynamic malware-analysis techniques and tools," Journal of ACM Computing Surveys (CSUR) Vol. 44, Issue 2, Feb. 2012. |
6 | Lee, H., Choi, S., Lee, Y., and Park, H., "Enhanced Sinkhole System by Improving Post-processing Mechanism," Proc. on FGIT 2010, LNCS 6485, pp. 469-480, Dec. 2010. |
7 | Abbasi, F., H, and Harris, R. J., "Experiences with a Generation III virtual Honeynet," Proc. of the Telecommunication Networks and Applications Conference(ATNAC'09), pp.1-6, Nov. 2009. |
8 | Abbasi, F., H, and Harris, R. J., "Intrusion detection in Honeynets by compression and hashing," Proc. of the Telecommunication Networks and Application Conference (ATNAC'10), pp.96-101, Nov. 2010. |
9 | Bailey, M., Cooke, E., Jahanian, F., Provos, N., Rosaen, K., and Watson, D., "Data Reduction for the Scalable Automated Analysis of Distributed Darknet Traffic," Proc. of the 5th ACM SIGCOMM conference on Internet Measurement(IMC'05), pp 239-252, Oct. 2005. |
10 | Willenms, C., Holz, T., and Freiling, F., "Toward Automated Dynamic Malware Analysis Using CW Sandbox," Journal of IEEE Security and Privacy, Vol 5, Issue 2, Mar. 2007. |
11 | Qiu, H., and Osoro F. C. C., "Static malware detection with Segmented Sandboxing," Proc. of 8th International Conference on the Malicious and Unwanted Software (MALWARE'13), pp. 132-141, Oct. 2013. |
12 | Nakao, K., Inoue, D., Eto, M., and Yoshioka, K., "Practical Correlation Analysis Between Scan and Malware Proles Against Zero-day Attacks Based on Darknet Monitoring," Journal of IEICE Transactions on Information and System E 92D(5), pp.787-798, Dec. 2009. |
13 | Kim, Y., and Youm, H., "A New Bot Disinfection Method Based on DNS Sinkhole," Journal of the Korea Institute of Information Security & Cryptology vol.18, no.6, pp. 107-114, Dec. 2008. 과학기술학회마을 |
14 | Harrop, W., Armitage, G., "Gerynets: a definition and evaluation of sparsely populated darknets," Proc. of the ACM SIGCOMM workshop on Mining network data(MineNet'05), pp. 171-172, Aug. 2005. |
15 | Harrop, W., Armitage, G., "Defining and Evaluating Greynets(Sparse Darknets)," Proc. of the IEEE conference on Local Computer Networks 30th Anniversary(LCN'05), pp. 344-350, Nov. 2005. |
![]() |