%0 Conference Proceedings
%T Cyber Threats Monitoring: Experimental Analysis of Malware Behavior in Cyberspace
%+ Chercheur indépendant
%+ Università degli Studi di Milano = University of Milan (UNIMI)
%+ Italian Army
%+ High Tech Crime Department (RTI)
%+ Dipartimento di Informatica [Italy] (DI)
%A Colombini, Clara, Maria
%A Colella, Antonio
%A Mattiucci, Marco
%A Castiglione, Aniello
%Z Part 2: Security Engineering
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 1st Cross-Domain Conference and Workshop on Availability, Reliability, and Security in Information Systems (CD-ARES)
%C Regensburg, Germany
%Y Alfredo Cuzzocrea
%Y Christian Kittl
%Y Dimitris E. Simos
%Y Edgar Weippl
%Y Lida Xu
%I Springer
%3 Security Engineering and Intelligence Informatics
%V LNCS-8128
%P 236-252
%8 2013-09-02
%D 2013
%K Cyberspace
%K Digital Profiling
%K Malware
%K Cyber Threat
%K Honeypot
%K Cyber Weapon
%K Digital Behavior
%Z Computer Science [cs]
%Z Humanities and Social Sciences/Library and information sciencesConference papers
%X Cyberspace is a borderless new universe in which all actors, including States, share information and communications technologies, now indispensable to the modern lifestyle. Starting from the beginning of the 21st century, the ability to leverage the cyberspace has become the most important source of power. Due to the proliferation of ICT systems into all aspects of life, the importance of information for political matters has increased awfully. State and non-State actors can use this power to achieve objectives into cyberspace and physical world. Low cost and high potential impact make cyber-power attractive to all actors. In fact, cyber threats have grown exponentially with the proliferation of the cyberspace infrastructures. Consequently, cyberspace has become a war-fighting domain with the potential to destroy or make useless logical, physical, technical, and virtual infrastructure, damaging in fact critical National capabilities.This scenario forces all national institutions to a review of their defense strategies, because of the difficulties to identify the actors of a cyber-attack. It then becomes necessary to gain a broader view of the problem to acquire more detailed information, useful to identify such sources of cyber-attacks. This new point of view can be achieved by using the analytical method developed by the authors and applied to data streams flowing across the cyberspace. In this way we can collect, detect, isolate and analyze the behavior of those malware that are acting as cyber weapons, through the implementation of an honeypot-based system such as the one presented in this paper.
%G English
%2 https://inria.hal.science/hal-01506705/document
%2 https://inria.hal.science/hal-01506705/file/978-3-642-40588-4_17_Chapter.pdf
%L hal-01506705
%U https://inria.hal.science/hal-01506705
%~ SHS
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-TC5
%~ IFIP-WG
%~ IFIP-TC8
%~ IFIP-CD-ARES
%~ IFIP-WG8-4
%~ IFIP-WG8-9
%~ IFIP-LNCS-8128