International Journal of Electronics and Telecommunications (Nov 2024)

Analyses of malicious software long term activity – a case study

  • Krzysztof Cabaj,
  • Witold Wysota,
  • Konrad Grochowski,
  • Piotr Gawkowski

DOI
https://doi.org/10.24425/ijet.2024.152512
Journal volume & issue
Vol. 70, no. 4

Abstract

The paper describes the approach, the instruments, and their evolution over a prolonged investigation of data collected by a honeypot system. The data focuses on the network activity of a cybersecurity threat, in particular the attacks and activity, over the last five years, of bots belonging to the Smominru botnet. The analyses conducted include, but are not limited to, the IP addresses used during attacks, day-by-day activity, and the evolution of the malicious executables distributed over the observation period. The presented results also contain a behavioural analysis of the threat and the attack sources. Moreover, the paper details the systems used for data acquisition, the modifications made to them as the observations progressed, and all the tools developed to achieve the results.

Keywords