E-resources
-
Kim, Sungjin
IEEE access, 2020, Volume: 8Journal Article
Malware distribution networks are a huge network that involves in malware distribution. We do not much realize the seriousness of the network in daily life. Until now, the works to analyze the network have been studied, but they are still limited because many researchers focused on detection, not investigating the internal structures of malware distribution networks. In this circumstance, the recent works tried to analyze the malware distribution networks in terms of social network analysis based on graph theories. They analyzed the malware distribution networks with nodes used in malware distribution such as malicious URLs, FQDN, malware and IPs, generated during drive-by downloads, or appeared outbound contacts. However, this approach is still lack in understandings malware distribution networks. In this study, we realized that <inline-formula> <tex-math notation="LaTeX">degree </tex-math></inline-formula> (or <inline-formula> <tex-math notation="LaTeX">closeness </tex-math></inline-formula>, <inline-formula> <tex-math notation="LaTeX">betweenness </tex-math></inline-formula>, or <inline-formula> <tex-math notation="LaTeX">eigenvector </tex-math></inline-formula>) <inline-formula> <tex-math notation="LaTeX">centrality~measures </tex-math></inline-formula> are beneficial in finding central nodes engaging in malware distribution. This central information is by far valuable in understanding the properties of malicious network infrastructure. For instance, from <inline-formula> <tex-math notation="LaTeX">degree~centrality~measures </tex-math></inline-formula>, we realized that malware distribution networks show high in-degree, while benign networks present high out-degree. This result offers artifacts that classify malicious networks from benign networks. After all, this study provides fundamental information to help distinguish heterogeneous networks useful in future research.
Author
![loading ... loading ...](themes/default/img/ajax-loading.gif)
Shelf entry
Permalink
- URL:
Impact factor
Access to the JCR database is permitted only to users from Slovenia. Your current IP address is not on the list of IP addresses with access permission, and authentication with the relevant AAI accout is required.
Year | Impact factor | Edition | Category | Classification | ||||
---|---|---|---|---|---|---|---|---|
JCR | SNIP | JCR | SNIP | JCR | SNIP | JCR | SNIP |
Select the library membership card:
If the library membership card is not in the list,
add a new one.
DRS, in which the journal is indexed
Database name | Field | Year |
---|
Links to authors' personal bibliographies | Links to information on researchers in the SICRIS system |
---|
Source: Personal bibliographies
and: SICRIS
The material is available in full text. If you wish to order the material anyway, click the Continue button.