Name
Abstract | ||
|---|---|---|
"Bankers" are special types of malware whose targets are Internet banking users, mainly to obtain their credentials. Banker infections cause losses of billions of dollars worldwide. Thus, better understanding and detection of bankers is required. Due to their interactive nature, obtaining bankers' behaviors can be a difficult task for current dynamic analyzers. Also, existing tools specially crafted to detect bankers are usually limited to a specific type. In this article, we propose BanDIT, a dynamic analysis system that identifies behavior related to bankers combining visual analysis, network traffic pattern matching and filesystem monitoring. We analyzed over 1,500 malware samples to identify those whose target were online banks and reported the compromised IP and e-mail addresses found. We present an evaluation of their behavior and show that BanDIT was able to identify 98.8% of bankers in a manually labeled banker samples set. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1145/2480362.2480704 | SAC |
Keywords | Field | DocType |
dynamic analysis system,internet banking user,empirical analysis,e-mail address,current dynamic analyzer,banker sample,better understanding,difficult task,visual analysis,banker infection,malicious internet banking software,malware sample,malicious software | World Wide Web,Software behavior,Airfield traffic pattern,Computer security,Computer science,Malware,The Internet | Conference |
Citations | PageRank | References |
2 | 0.37 | 6 |
Authors | ||
6 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| André Ricardo A. Grégio | 1 | 2 | 0.37 |
| Dario Simões Fernandes | 2 | 2 | 0.37 |
| Vitor Monte Afonso | 3 | 71 | 4.66 |
| Paulo Lício de Geus | 4 | 83 | 13.37 |
| Victor Furuse Martins | 5 | 2 | 0.37 |
| Mario Jino | 6 | 171 | 25.04 |