Malicious Spam Emails Developments and Authorship Attribution

Alazab, Mamoun; Layton, Robert; Broadhurst, Roderic; Bouhours, Brigitte

doi:10.1109/ctc.2013.16

Cited by 51 publications

(26 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…While supervised learning allows us to use cross-fold validation to choose good parameters, unsupervised learning must rely either on other metrics (such as cluster stability) or ensemble learning to reduce the impact of bad parameter sets. For this application we chose the latter, given EAC's use in previous studies of this nature [10], [11].…”

Section: Methodsmentioning

confidence: 99%

Authorship Analysis of the Zeus Botnet Source Code

Layton

Azab

2014

2014 Fifth Cybercrime and Trustworthy Computing Conference

Self Cite

View full text Add to dashboard Cite

Authorship analysis has been used successfully to analyse the provenance of source code files in previous studies. The source code for Zeus, one of the most damaging and effective botnets to date, was leaked in 2011. In this research, we analyse the source code from the lens of authorship clustering, aiming to estimate how many people wrote this malware, and what their roles are. The research provides insight into the structure the went into creating Zeus and its evolution over time. The work has potential to be used to link the malware with other malware written by the same authors, helping investigations, classification, deterrence and detection.

show abstract

Section: Methodsmentioning

confidence: 99%

Authorship Analysis of the Zeus Botnet Source Code

Layton

Azab

2014

2014 Fifth Cybercrime and Trustworthy Computing Conference

Self Cite

View full text Add to dashboard Cite

show abstract

“… Spam campaigns: the user receives an e-mail message from a well-known organization with some false banking information attached or with a link included in the e-mail. Once, the user clicks the link or downloads the attached file to the e-mail, the system will be infected [10,37].…”

Section: Typical Spreading Methods For Financial Malwarementioning

confidence: 99%

From ZeuS to Zitmo: Trends in Banking Malware

Etaher

Weir

Alazab

2015

2015 IEEE Trustcom/BigDataSE/Ispa

Self Cite

View full text Add to dashboard Cite

Abstract. In the crimeware world, financial botnets are a global threat to banking organizations. Such malware purposely performs financial fraud and steals critical information from clients' computers. A common example of banking malware is the ZeuS botnet. Recently, variants of this malware have targeted mobile platforms, as The-ZeuS-in-the-Mobile or Zitmo. With the rise in mobile systems, platform security is becoming a major concern across the mobile world, with rising incidence of compromising Android devices. In similar vein, there have been mobile botnet attacks on iPhones, Blackberry and Symbian devices. In this setting, we report on trends and developments of ZeuS and its variants.

show abstract

“…WhatsApp, Orkut etc. are the most commonly used applications to spread the malicious URLs [1], [2], [3]. They host unsolicited information on the web page.…”

Section: Introductionmentioning

confidence: 99%