• DocumentCode
    2381773
  • Title

    Revealing and analysing modem malware

  • Author

    Celeda, Pavel ; Krejci, Radek ; Krmicek, Vojtech

  • Author_Institution
    Inst. of Comput. Sci., Masaryk Univ., Brno, Czech Republic
  • fYear
    2012
  • fDate
    10-15 June 2012
  • Firstpage
    971
  • Lastpage
    975
  • Abstract
    Malware targeting broadband devices like ADSL modems, routers and wireless access points is very frequent in recent days. In this paper, we provide a formal description of modem malware life cycle. Furthermore, we propose a set of techniques to perform detailed analysis of infected modem and we provide the binary samples of modem malware at our web repository. Description of the modem malware evolution is also included. Based on our experiences with analysing and monitoring modem malware, we report on long-term statistics of modem malware activities in campus network including a discovery of new botnet. We propose NetFlow based detection method to reveal the modem malware spreading.
  • Keywords
    invasive software; ADSL modems; NetFlow based detection method; Web repository; botnet; broadband devices; campus network; formal description; long-term statistics; modem malware life cycle; modem malware spreading; routers; wireless access points; IP networks; Malware; Modems; Random access memory; Servers; ISP; Linux; MIPSel; NetFlow; botnet; malware; modem; monitoring; network; security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Communications (ICC), 2012 IEEE International Conference on
  • Conference_Location
    Ottawa, ON
  • ISSN
    1550-3607
  • Print_ISBN
    978-1-4577-2052-9
  • Electronic_ISBN
    1550-3607
  • Type

    conf

  • DOI
    10.1109/ICC.2012.6364598
  • Filename
    6364598
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2381773