Know your EK: A content and workflow analysis approach for exploit kits

2019-02-01
Suren, Emre
Angın, Pelin
The prevalence and non-stop evolving technical sophistication of Exploit Kits (EKs) is one of the most challenging shifts in the modern cybercrime landscape. Over the last few years, malware infections via drive-by-download attacks have been orchestrated with EK infrastructures. An EK serves various types of malicious content via several threat vectors for a variety of criminal attempts, which are mostly monetary-centric. Malicious emails, malicious advertisements, and compromised websites redirect victim browsers to web-based EK families that are assembled to exploit client-side vulnerabilities and finally deliver evil payloads. Examples include mining crypto-currency to generate revenue, encrypting valuable files to demand ransom, stealing sensitive information for fraud, and turning the victim machine into a zombie to make it an instrument for further attacks. In this paper, we provide an in-depth discussion of the EK philosophy and internals. We provide content analysis of the EK families from a publicly available dataset of over 2250 URLs using abstract syntax trees and propose strategies for protection from the devastating effects of this increasingly popular threat.
Journal of Internet Services and Information Security

Citation Formats
E. Suren and P. Angın, “Know your EK: A content and workflow analysis approach for exploit kits,” Journal of Internet Services and Information Security, pp. 24–47, 2019, Accessed: 00, 2020. [Online]. Available: https://hdl.handle.net/11511/48873.