White Papers

Traffic Aggregation for Malware Detection

Overview Stealthy malware, such as botnets and spyware, are hard to detect because their activities are subtle and do not disrupt the network, in contrast to DoS attacks and aggressive worms. Stealthy malware, however, does communicate to exfiltrate data to the attacker, to receive the attacker's commands, or to carry out those commands. Since malware rarely infiltrates only a single host in a large enterprise, these communications should emerge from multiple hosts within coarse temporal proximity to one another. This paper describes a system called TAMD (pronounced "Tamed") with which an enterprise can identify candidate groups of infected computers within its network. TAMD accomplishes this by finding new communication "Aggregates" involving multiple internal hosts, i.e., communication flows that share common characteristics.

By downloading you agree to our Terms and Conditions. These include information regarding use of your personal data.

Publisher: Carnegie Mellon University
File Format: PDF
Date Published: Oct 22, 2008
Format: White Papers
Topics: Spyware, Network Security, Security Management

Similiar White Papers

Social Networking: Brave New World or Revolution from Hell? A look at the phenomenon of Social Networking and the implications for Businesses

According to recent surveys, employee social networking is growing rapidly, on hot sites such as Facebook, LinkedIn and

Publisher: MessageLabs, now part of Symantec | Tags: enterprise security, social networking

Sophos Email Security and Control - Free 30 Day Trial

Proactively block inbound and outbound threats with unrivaled effectiveness and simplicity, delivering high-capacity, hi

Publisher: Sophos

X-Force®Threat Insight Quarterly Voice over Internet Protocol (VoIP) ? Find out what the threats and challenges are for anyone deploying VoIP

The X-Force Threat Insight Quarterly (Threat IQ) highlights the most significant threats and challenges facing security

Publisher: Internet Security Systems | Tags: homeland security, security flaws, voip

Web Security SaaS: The Next Generation of Web Security

The Web is the new threat vector of choice for hackers and cybercriminals to distribute malware and perpetrate identity

Publisher: Webroot Software | Tags: hackers, idc, malware, saas

An independent report by ICSA Labs on the performance of ISS' VoIP-enabled Intrusion Prevention devices

This technical product evaluation is focused on the ISS VoIP-enabled Intrusion Prevention devices. These are built to su

Publisher: Internet Security Systems | Tags: voip

Carnegie Mellon University White Papers

Featured white papers

The Value of Location Intelligence in the Communications Industry

Pitney Bowes

Public Services are under pressure, the challenge is to do more with less. How do you improve citizen satisfaction, increase cost efficiencies and improve service delivery? The power of location intelligence is helping many local authorities...

Download now »
Best Practices for Translating Customer Satisfaction into Revenue

Citrix Online

Today's support organisations are focused on two top-level metrics: financial results and customer satisfaction. For most, it's easy to track financial performance, but customer satisfaction is akin to speaking a foreign language...

Download now »
HP print solutions and 3M

Hewlett-Packard (HP)

The objective for 3M was to optimize office printing infrastructure at 3M locations worldwide, reduce total cost and environmental footprint. Some of the business benefits acheived by switching to HP print solutions...

Download now »