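Author: 吳介豪
Author (English): Wu, Chieh-Hao
Thesis title (Chinese): 惡意軟體之測試與攻擊方法探討
Thesis title (English): On the Study of Fuzzing and Attacking Malware Methods
Advisor (Chinese): 黃世昆
Degree: Master's
Institution: National Chiao Tung University (國立交通大學)
Department: Institute of Multimedia Engineering (多媒體工程研究所)
Student ID: 0056652
Year of publication (ROC calendar): 102
Academic year of graduation: 101
Language: Chinese
Number of pages: 36
Chinese keywords (translated): malware; botnet; vulnerability; encryption algorithm; testing tools
English keywords: Malware; Botnet; Vulnerability; Fuzzing tools; Encryption function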
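Malware circulates widely on the Internet and has damaged a large number of computer systems; with the prevalence of botnets, it has also caused harm to real-world industries such as the financial sector. Many testing tools can already help find vulnerabilities in ordinary software and so improve its quality and stability. Malware is also software, but because it commonly uses encryption algorithms to protect its internal information and its communication with external servers, general testing tools have difficulty testing it effectively. Research on malware can be roughly divided into two kinds: the first is analysis of malware's malicious behavior, and the second is analysis of malware's weaknesses. Most current research is of the former kind.

This study therefore surveys the literature on handling the encryption algorithms used in malware, as well as current methods for testing and analyzing malware, in order to understand the process of finding vulnerabilities. Finally, it collects malware in which vulnerabilities have already been discovered and analyzes the causes of these vulnerabilities and related information, to provide material for further research.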
Malware has spread across the network for a long time and has damaged many application systems. Many commercial activities, such as those of the financial sector, have been affected by botnets in the real world. Although many fuzzing tools have been used to find vulnerabilities in software to improve its quality and reliability, malware usually implements encryption functions to protect its inner information and the messages it exchanges with C&C servers. A general fuzzing tool cannot test malware with satisfactory results. Research on malware can be divided into two types: (1) the analysis of malware's malicious behavior and (2) the analysis of malware's vulnerabilities. Nowadays the former receives much more attention than the latter.

Therefore, this thesis studies how to identify the encryption functions in malware, and how to attack and analyze malware with general methods. We have collected and organized the vulnerabilities of various kinds of malware, with possible attacks.
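Chinese Abstract
Abstract
Acknowledgements
Table of Contents
List of Tables
List of Figures
1. Introduction
1.1 Research Background
1.2 Research Motivation
1.3 Research Objectives
1.4 Chapter Overview
2. Literature Review and Related Work
2.1 Botnet Architecture
2.2 Malware Fuzzer
2.2.1 BitFuzz
2.2.2 TaintScope
2.3 Malware specific function identification and handling
2.3.1 Identification Cryptographic Primitives
2.3.2 Aligot
2.3.3 CIS
3. Analysis and Discussion of Methods for Attacking Malware
3.1 Methods for Attacking Botnets
3.2 Case Studies of Methods for Attacking Malware
3.2.1 Fuzz Bots
3.2.2 Analyze Bot and Attack C&C Server
3.2.3 Attack Botnet C&C Server
3.2.4 Attack RAT
3.3 Comparison of the Case Studies of Methods for Attacking Malware
4. Compilation of Malware Weakness Types and Discussion of Results
5. Conclusion
References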