Cybercrime 2.0

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback
Take a look at the new version of this page: [ beta version ]. Tell us what you think.

Cybercrime 2.0: when the cloud turns dark

Full text

Digital Edition , Html

Html (32 KB), Pdf

Pdf (9.85 MB)

Source

Communications of the ACM archive
Volume 52 , Issue 4 (April 2009) table of contents
A Direct Path to Dependable Software

SECTION: Practice table of contents

Pages: 42-47

Year of Publication: 2009

ISSN:0001-0782

Authors

Niels Provos	Google
Moheeb Abu Rajab	Google
Panayiotis Mavrommatis	Google

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 180, Downloads (12 Months): 1829, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1498765.1498782 What is a DOI?

ABSTRACT

Web-based malware attacks are more insidious than ever. What can be done to stem the tide?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Barth, A., Jackson, C., and Reis, C. The Security Architecture of the Chromium Browser; http://crypto.stanford.edu/websec/chromium/chromium-security-architecture.odf.
	2	Brumley, D., Hartwig, C., Kang, M., Liang, Z., Newsome, J., Song, D., and Yin, H. BitScope: Automatically dissecting malicious binaries. Technical Report Technical Report CMU-CS-07-133, School of Computer Science, Carnegie Mellon University, March 2007.
	3	Court halts bogus computer scans (Dec. 2008); www.ftc.gov/opa/2008/12/winsoftware.shtm.
	4	Chris Grier , Shuo Tang , Samuel T. King, Secure Web Browsing with the OP Web Browser, Proceedings of the 2008 IEEE Symposium on Security and Privacy, p.402-416, May 18-21, 2008 [doi>10.1109/SP.2008.19]
	5	Krebs, B. Internet Explorer unsafe for 284 days in 2006. Washington Post Online Blog, Jan. 2007.
	6	Krebs, B. Blogfight: IE vs. Firefox security. Washington Post Online Blog, Jan. 2009.
	7	Microsoft. Microsoft Security Bulletin MS06-014: Vulnerability in the Microsoft Data Access Components (MDACS) Function Could Allow Code Execution. May 2006.
	8	Microsoft. Microsoft Security Advisory (935423): Vulnerability in Windows Animated Cursor Handling, Mar. 2007.
	9	Andreas Moser , Christopher Kruegel , Engin Kirda, Exploring Multiple Execution Paths for Malware Analysis, Proceedings of the 2007 IEEE Symposium on Security and Privacy, p.231-245, May 20-23, 2007 [doi>10.1109/SP.2007.17]
	10	Michalis Polychronakis , Panayiotis Mavrommatis , Niels Provos, Ghost turns zombie: exploring the life cycle of web-based malware, Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats, p.1-8, April 15-15, 2008, San Francisco, California
	11	Provos, N. Using htaccess To Distribute Malware. Dec. 2008; www.provos.org/index.php?/archives/55-Using-htaccess-To-Distribute-Malware.html.
	12	Niels Provos , Panayiotis Mavrommatis , Moheeb Abu Rajab , Fabian Monrose, All your iFRAMEs point to Us, Proceedings of the 17th conference on Security symposium, p.1-15, July 28-August 01, 2008, San Jose, CA
	13	Raz, R. Asprox silent defacement. Chapters in Web Security, Dec. 2008; http://chaptersinWebsecurityblogspot.com/2008/07/asprox-silent-defacement.html.
	14	Sam Small , Joshua Mason , Fabian Monrose , Niels Provos , Adam Stubblefield, To catch a predator: a natural language approach for eliciting malicious payloads, Proceedings of the 17th conference on Security symposium, p.171-183, July 28-August 01, 2008, San Jose, CA
	15	Stewart, J. Danmec/Asprox SQL injection attack tool analysis. Secure Works Online, May 2008; www.secureworks.com/research/threats/danmecasprox.