Mining for Malware – There's Gold in Them Thar Proxy Logs!

Posted in SANSRR on November 17th, 2008 by SANS

Category: Malicious Code

Paper Added: November 17, 2008

This entry was posted on Monday, November 17th, 2008 at 8:42 pm and is filed under SANSRR. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.

Search
Categories
- "Beverage" Cooling Contraption Contest (1)
- "End of Internet" (1)
- #nomorefreebugs (1)
- *canceled* Defcon Geo Challenge *canceled* (1)
- *canceled* Hack Fortress *canceled* (1)
- /dev/null (4)
- 0day (1)
- 10,000¢ Hacker Pyramid (4)
- 2.0 (1)
- ABE (2)
- activity (1)
- Administravia (2)
- aircraft (1)
- Airline Security (1)
- alextaylor (1)
- Amsterdam (1)
- announcement (1)
- Anonymity (1)
- app (2)
- App Security (2)
- Apple (2)
- applestore (2)
- Application Security (11)
- Arbor Networks (8)
- art (1)
- Art & Animation (2)
- article (7)
- Artwork Contest(s) (1)
- ATLAS (2)
- Attacks (1)
- authorreadings (1)
- avaya (1)
- Backdoor Hiding Contest (3)
- Badge Hacking Contest (10)
- ballroom (1)
- barbican (1)
- Be The Match Foundation – Bone Marrow Drive (3)
- bethnalgreen (1)
- Blog (22)
- Books (1)
- Botnets (4)
- bowroad (1)
- Breach (1)
- bruteforce (1)
- bruteforcing (2)
- Bugs (1)
- burp (7)
- burp intruder (2)
- business (12)
- camera (5)
- cameras (1)
- central (1)
- chambermusic (1)
- charingcross (1)
- charlesmartin (1)
- childrens (1)
- chisenhale (1)
- chisenhalegallery (1)
- classicalmusic (1)
- Clickjacking (1)
- Cloud Security (2)
- code (6)
- coldfusion (1)
- Columns – Haddix (1)
- Columns – Linn (6)
- Columns – Murray (1)
- Comedy (12)
- comedyvirgins (1)
- comics (1)
- command execution (1)
- commentary (1)
- Community Talk (24)
- Computer Components – Software / Internet (2)
- Computer Components – Video Cards (1)
- conferences (2)
- CONFidence (1)
- Cool Commercials (5)
- Crack Me If You Can (13)
- Crash and Compile (4)
- Crime (3)
- Critical Infrastructure (3)
- csrf (3)
- CSRF and Session Info (38)
- CTP : Capture the Packet (5)
- cups (1)
- CVE-2009-1151 (1)
- cyber warfare (1)
- Dance & Theatre (1)
- dannywallace (1)
- Dark Tangent's Tamper Evident Contest (2)
- Data Security (2)
- david (1)
- DC101 (7)
- DC18: Official and Unofficial Events and Contests (2)
- DC206 — Seattle, WA (1)
- DC207 — Auburn, ME (1)
- DC407 — Orlando, FL (2)
- DC713 — Houston, TX (1)
- DC801 — Salt Lake City, UT (2)
- DC815 — Rockford, IL (1)
- DC970-1 — Fort Collins, CO (1)
- ddos (1)
- deadbird (1)
- DEFCON 18 and Recovery (30)
- DEFCON 18 Planning (21)
- DEFCON 19 Planning (8)
- Defcon Shoot (12)
- Defcon Short Story contest (1)
- director (1)
- directory (1)
- Disclosure (1)
- discovery (1)
- distro (1)
- dnsmap (2)
- DoS (4)
- drawing (1)
- Drunken Banter (9)
- Dumbass (3)
- embedded (2)
- Entertainment (14)
- enumeration (1)
- eusecwest (1)
- event (3)
- Events (10)
- exhibition (1)
- Exhibitions (4)
- exploit (4)
- Facebook (1)
- Family (3)
- familyactivity (1)
- Featured Research (24)
- Features – /root (10)
- Features – Book Reviews (4)
- Features – Skillz (4)
- Festivals (1)
- Film (4)
- firefox (1)
- firmware (1)
- FlashGot (1)
- folk (1)
- Forum Meet (1)
- Forums (253)
  - Astalavista (253)
- franzferdinand (1)
- Freakshow Party and Related Events or Contests (1)
- free (7)
- freeevents (4)
- freefall (1)
- friday (1)
- Full Disclosure (43)
- fun (1)
- Funny (2)
- General Announcements (1)
- General News (4)
- gift card (1)
- giuliabacci (1)
- Google (4)
- Goon Band — Recognize (2)
- greateasternstreet (1)
- guinnessworldrecords (1)
- hack (1)
- hacker (1)
- Hacker Jeopardy (1)
- Hacker Karaoke (2)
- hacking (15)
- Hardware (2)
- Hardware Hacking Village (10)
- harryhill (1)
- harryhillstvburp (1)
- hitb (1)
- hitbsecconf (1)
- hmvoxfordstreet (1)
- How To (47)
- Hype Cycles (2)
- ID Theft (1)
- Identity and Access Management (9)
- Identity and Access Program Management (8)
- Identity Verification (6)
- IE (2)
- Infrastructure Protection (7)
- Insider Threat (1)
- Interesting Research (1)
- international (1)
- Internet (4)
- Internet service provider (1)
- Internet traffic (1)
- Intro (31)
- intuity (1)
- iphone (1)
- IPv6 (1)
- itunes (1)
- jazz (1)
- jeriko (1)
- kids (1)
- kissing (1)
- Knowledge (41)
  - SANSRR (35)
  - WebCasts (6)
- krakow (1)
- Legal Aspects (2)
- leicestersquare (2)
- Life (1)
- link (8)
- linksys (6)
- Linux (1)
- Literary (2)
- Local Meetings & Other Events (18)
- london (7)
- londonisfree (2)
- LosT @ Con Mystery Challenge (12)
- Magic Quadrants (3)
- Magic Quadrants and MarketScopes (27)
- magstripe (1)
- Malware (6)
- manipulation (1)
- Massage Table In Contest Room (2)
- mileend (1)
- Military (1)
- Mohawk-Con! (1)
- mount (1)
- movies (1)
- Mozilla (17)
- museum (1)
- Music (3)
- Music & Dance (1)
- nationalportraitgallery (1)
- network (1)
- Networking (2)
- New Ideas (2)
- News (19049)
  - CGI Security (96)
  - E-Week (12347)
  - Gartner (41)
  - ISC (1348)
  - Network World (4604)
  - SANS (135)
  - SANSNB (131)
  - Zone-H (19)
- News & Events (1)
- News – Latest (3)
- News Analysis (1)
- News and Links (20)
- Ninja Networks Badge and Events (5)
- nonsense (1)
- NoScript (13)
- npg (1)
- Obfuscation (90)
- obsessedabout (1)
- odeon (1)
- Official DEF CON DJs, Music, and Events (8)
- oldstreet (1)
- OMG Ponies (64)
- Open CTF (3)
- Other (4)
- outage (2)
- pagvac (5)
- Patches (1)
- PCB PWNage (2)
- peering (1)
- people (1)
- People & Stories (1)
- Pets & Animals (1)
- Photo/Image Discussion (2)
- photographeroftheyear (1)
- photography (1)
- phpMyAdmin (1)
- piccadillycircus (1)
- podcast (1)
- Podcasts (1)
- Politics (8)
- pop (1)
- premieres (1)
- privacy (9)
- programming (1)
- project (2)
- Projects (28)
- python (1)
- QueerCon (1)
- raf (1)
- Random Security (10)
- Recent Research (76)
- remote (1)
- research (1)
- Reverse Engineering (1)
- Ricketts Sniffing/Trivia Contest UNOFFICIAL (last minute addition) (2)
- Ride and Room Sharing (30)
- Robots/Spiders/CAPTCHAs, oh my (2)
- SCADA Security (1)
- scanners (2)
- Scavenger Hunt (8)
- Science & Tech (29)
- Search Engine Hacking and SEO (1)
- security (15)
- Security Briefing (6)
- security scanner (1)
- Security Tools (438)
- secwest (1)
- SEO/SEM (1)
- shirley (1)
- shoreditch (1)
- simonmartin (1)
- simonmassey (1)
- skills (1)
- skins (1)
- skydive (1)
- Skytalks (2)
- slides (1)
- social engineering (1)
- Social Media (1)
- soho (1)
- Spotlights (20)
- SQL (1)
- SQL and Code Injection (233)
- SSL (1)
- standup (1)
- stream (1)
- subdmain (1)
- subdomain (1)
- sweatshop (1)
- swimming (1)
- Tech (1)
- technology (144)
- teddington (1)
- The Basics (26)
- The Summit (2)
- thefoundry (1)
- thick clients (1)
- titanic (1)
- tool (1)
- Tools (632)
- Toxic BBQ (3)
- trafalgarsquare (2)
- training (1)
- Travel & Outdoors (1)
- traversal (1)
- Trojan Horses (1)
- TV & Radio Recordings (2)
- tvradiorecording (1)
- twilight (1)
- twitter (1)
- Twitter Hunt (4)
- Uncategorized (8285)
- update (1)
- updates (1)
- us (12)
- V13P (14)
- Value Added News Discussion (7)
- Vendor News (1)
- Vendor Ratings (2)
- Vendor Talk (1)
- victoriapark (1)
- video (13)
- Video Games (20)
- Vitals – EH-Net News (15)
- vulnerabilities (9197)
  - debian (181)
  - SANS (958)
  - Secunia (1250)
  - SecurityFocus (6578)
  - TechNet (173)
  - US-CERT (57)
- vulnerability (10)
- Wall of Sheep (2)
- war (1)
- watchmen (1)
- web (1)
- web application (1)
- web application security scanner (1)
- Web Security (1)
- web2.0 (2)
- Webappsec (32)
- Wheels & Wings (3)
- windows (1)
- Wireless Security (30)
- XSS (7)
- XSS Info (44)
- YouTube (2)
Recent Posts
Noise
.net apache application architecture asp astalavista blackberry code cve defcon encryption enterprise exploit fedora forums gartner iis kernel Knowledge linux microsoft News password patch php privacy samba sans security smtp solaris sql ssh sun Tools ubuntu unix vulnerabilities vulnerability web webcasts whitepapers windows XSS

The Glider

Mining for Malware – There's Gold in Them Thar Proxy Logs!

Search

Categories

Recent Posts

Noise