Nazca: Detecting Malware Distribution in Large-Scale Networks presented at NDSS 2014

by Christopher Kruegel, Giovanni Vigna, Luca Invernizzi, Stanislav Miskovic, Ruben Torres, Sabyasachi Saha, Sj Lee, Marco Mellia

Summary: In this paper, we look at the collective network traffic produced by thousands of clients, and we detect malware downloads without analyzing the downloaded programs. Instead, we study patterns that become apparent only when leaving the myopic view of individual downloads, by observing malware distribution infrastructures as sophisticated and blacklist-resilient content distribution networks.