More than 90 independent honeypots have observed malware traffic at the Japanese tier-1 backbone. Typical attacks were made by mUltiple servers, coordinating to send many kinds of malware. This paper aims to discover some frequent new sequential attack patterns of mal ware. It is not easy to identify particular patterns logs of one year because the volume of dataset is too large to investigate one by one. To overcome the problem, this paper proposes data mining algorithm, the PrejixSpan method. We implement the PrejixSpan algorithm to analyze the malware footprints and show the experimental result. The result of analysis shows that the attacks are performed by multiple sequential attack patterns within a short amount of time.
Mendeley saves you time finding and organizing research
Choose a citation style from the tabs below