Predictive Model for Exploit Kit based Attacks

Slim Trabelsi, Skander Ben Mahmoud, Anis Zouaoui

Abstract

Exploit kits are becoming frequently used to generate attacks against systems and software components. These exploit kits are really popular among the non-expert community (script kiddies) and are publicly available on Social Medias. In this paper we demonstrate how this popularity of such exploit kits on social media can impact the severity of the attacks generated from these tools. We propose we propose a new predictive model to estimate in advance the possible attacks that could be generated from trendy kits.

References

  1. Chen, J. C., Li, B., 2015. Evolution of Exploit Kits: Exploring Past Trends and Current Improvements. Trend Micro White paper report 2015.
  2. CISCO, 2015. Midyear Security Report http://www.cisco.c om/assets/global/UK/events/switchup_challenge/pdf/c isco-msr-2015.pdf.
  3. Zaharia, A., 2015. The Ultimate Guide to Angler Exploit Kit for Non-Technical People. Heimdal Security https://heimdalsecurity.com/blog/ultimate-guide-angle r-exploit-kit-non-technical-people/
  4. Trabelsi S., Plate H., Abida A., Ben Aoun M., Zouaoui A., Missaoui C., Gharbi S. and Ayari A., 2015. Mining social networks for software vulnerabilities monitoring. In 7th Internation-al Conference on New Technologies, Mobility and Security (NTMS), 2015 (pp. 1-7). IEEE.
  5. Sabottke C., Suciu. O. and Dumitras, T,. 2015. Vulnerability disclosure in the age of social media: Exploiting Twitter for predicting real-world exploits. USENIX Security Symposium (USENIX Security), Washington DC.
  6. Edkrantz, M., Said, A., 2015. Predicting Cyber Vulnerability Exploits with Machine Learning. IEEE 2nd International Conference on Cyber Security and Cloud Computing (CSCloud) (pp513 - 514).
  7. Trabelsi, S., 2015. SMASH Goes Live: Software Vulnerability Live Monitoring on HANA. SAP Community Network https://scn.sap.com/communit y/hana-in-memory/use-cases/blog/2015/06/04/smash-g oes-live-software-vulnerability-live-monitoring-on-ha na.
  8. Trabelsi, S., 2015: SMASH Demo: Monitoring Software Vulnerabilities through Social Media Analysis. SAP Community Network . http://scn.sap.com/community/s ecurity/blog/2015/11/05/smash-demo-monitoring-soft ware-vulnerabilitites-through-social-media-analysis.
  9. Trabelsi S., Plate H., Abida A., Ben Aoun M., Zouaoui A., Missaoui C., Gharbi S. and Ayari A., 2015. Monitoring Software Vulnerabilities through Social Networks Analysis. In Pro-ceedings of the 12th International Conference on Security and Cryptography, pages 236- 242.
  10. Bakshy, E., Hofman, J. M., Mason, W. A., & Watts, D. J., 2011. Everyone's an influencer: quan-tifying influence on twitter. In Proceedings of the fourth ACM international conference on Web search and data mining (pp. 65-74). ACM.
  11. Rosenman, E. T.. 2012. Retweets-but not just retweets: Quantifying and predicting influence on twitter (Doctoral dissertation, Bachelor's thesis, applied mathematics. Harvard College, Cambridge).
  12. McAfee, 2015. Labs Threat Report May http://www.mcafee.com/us/resources/reports/rp-quarte rly-threat-q1-2015.pdf.
  13. TrendLabsSM 3Q 2015 Security Roundup http://www.trendmicro.com/cloud-content/us/pdfs/sec urity-intelligence/reports/rpt-hazards-ahead.pdf.
  14. F-Secure Labs, 2015. Hacking Team 0-day Flash Wave with Exploit Kits https://www.f-secure.com/weblog/a rchives/00002819.html.
Download


Paper Citation


in Harvard Style

Trabelsi S., Mahmoud S. and Zouaoui A. (2016). Predictive Model for Exploit Kit based Attacks . In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016) ISBN 978-989-758-196-0, pages 477-482. DOI: 10.5220/0005999904770482


in Bibtex Style

@conference{secrypt16,
author={Slim Trabelsi and Skander Ben Mahmoud and Anis Zouaoui},
title={Predictive Model for Exploit Kit based Attacks},
booktitle={Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)},
year={2016},
pages={477-482},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005999904770482},
isbn={978-989-758-196-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)
TI - Predictive Model for Exploit Kit based Attacks
SN - 978-989-758-196-0
AU - Trabelsi S.
AU - Mahmoud S.
AU - Zouaoui A.
PY - 2016
SP - 477
EP - 482
DO - 10.5220/0005999904770482