Learn More
This paper aims at showing the usefulness of simple honeypots to obtain data that can be used to derive analytical models of the attack processes present on the Internet. Built upon an environment which has been deployed for 18 months, we provide figures and analyses that enable us to better understand how attacks are carried out in the wild. Key(More)
In this paper, we present a new attack attribution method that has been developed within the WOMBAT 1 project. We illustrate the method with some real-world results obtained when applying it to almost two years of attack traces collected by low interaction honeypots. This analytical method aims at identifying large scale attack phenomena composed of IP(More)
In this paper, we propose amethod to identify and group together traces left on low interaction honeypots by machines belonging to the same botnet(s) without having any a priori information at our disposal regarding these botnets. In other words, we offer a solution to detect new botnets thanks to very cheap and easily deployable solutions. The approach is(More)
In this paper, we propose a method to identify and group together traces left on low interaction honeypots by machines belonging to the same botnet(s) without having any a priori information at our disposal regarding these botnets. In other terms, we offer a solution to detect new botnets thanks to very cheap and easily deployable solutions. The approach is(More)
In [6], Pouget et al. have conjectured the existence of so-called multi-headed worms and found a couple of them on attack traces collected on a single honeypot. These worms take advantage of several distinct attack techniques to propagate but they use only one of them against a given target. From a victim's viewpoint, they are therefore indistinguishable(More)
There are many custom Android firmware (custom ROMs) which are shared on the Internet. Several recent studies aim their efforts at analyzing pre-installed applications in these firmware. However, they analyzed separate pre-installed applications. In this study we propose a system, uitXROM, to detect sensitive data leakage in custom Android firmware by(More)
  • 1