We have been developing the Network Incident analysis Center for Tactical Emergency Response (nicter), whose present focus is on detecting and identifying propagating malware such as worms, viruses, and bots. The nicter presently monitors a darknet, a set of unused IP addresses, to observe macroscopic trends of network threats. Meanwhile, it continuously captures and analyzes malware executables in the wild for microscopic analysis. Finally, the macroscopic and microscopic analysis results are correlated in order to identify the root cause of the detected network threats. This paper gives a brief overview of the nicter and its possible contributions to the Worldwide Observatory of Malicious Behavior and Attack Tools (WOMBAT).