SGNET

Implementation insights

Corrado Leita, Marc Dacier

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

9 Citations (Scopus)

Abstract

We present in this paper SGNET, a distributed framework to collect information on Internet attacks, with special attention to self-propagating malware and code injections. This framework is the result of our latest research work on the so-called ScriptGen technology. It is characterized by several unique characteristics that may allow it to provide in the future an extremely interesting perspective on Internet attacks. To make this possible, we need to spread its observation points as much as possible to obtain a complete view of the different blocks of the IP space. We present here an overview of the characteristics of its design, with special focus on the possibility to expand it and improve it with additional functional blocks. SGNET is in fact an open initiative, integrating tools produced by different research teams such as Argos (VU Amsterdam), Nepenthes, Anubis (TU Wien) and VirusTotal (Hispasec Sistemas). Everybody is welcome and encouraged to participate in this initiative, by hosting observation points and/or by extending this framework with additional modules.

Original language: English
Title of host publication: NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services
Pages: 1075-1078
Number of pages: 4
DOIs: https://doi.org/10.1109/NOMS.2008.4575282
Publication status: Published - 2008
Externally published: Yes
Event: NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services - Salvador - Bahia
Duration: 7 Apr 2008 to 11 Apr 2008

Other

Other: NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services
City: Salvador - Bahia
Period: 7/4/08 to 11/4/08

Fingerprint

Internet
Malware

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems

Cite this

Leita, C., & Dacier, M. (2008). SGNET: Implementation insights. In NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services (pp. 1075-1078). [4575282] https://doi.org/10.1109/NOMS.2008.4575282

@inproceedings{75f7c9d112e5472498c0471ad4a0d704,
title = "SGNET: Implementation insights",
author = "Corrado Leita and Marc Dacier",
year = "2008",
doi = "10.1109/NOMS.2008.4575282",
language = "English",
isbn = "9781424420667",
pages = "1075--1078",
booktitle = "NOMS 2008 - IEEE/IFIP Network Operations and Management Symposium: Pervasive Management for Ubiquitous Networks and Services",

}
