SCP Security Seminar
Speaker: Mingxuan Yao, Ph.D. student
Title: C&C On-Demand: An Empirical Study of Web Application Abuse for Malware Command and Control
Abstract: Web applications (apps) provide a wide array of utilities that are being abused by malware authors as a replacement for attacker-deployed C&C servers. Stopping this Web App-based Command and Control (WACC) requires collaboration between Incident Responders (IRs) and web app providers. However, little research has been done to prove that WACC malware are prevalent enough to warrant such an investment. To this end, we designed Marcea, a malware analysis pipeline to study the prevalence of WACC. Marcea revealed 487 WACC malware in 72 families abusing 30 web apps over the last 15 years. Our research uncovered the number of WACC malware increased by 5.5 times since 2020 and that 86% did not need to connect to an attacker-deployed C&C server. Our study uncovered patterns indicating how specific web apps attract or disincentivize WACC malware. Moreover, web app engagement data collected by Marcea suggests that these malware are active enough to produce up to 5,844,144 access points. To date, we have used Marcea to collaborate with the web app providers to take down 70% of the active WACC malware.
Biography: Mingxuan Yao is a fourth-year Ph.D. student in the School of Electrical & Computer Engineering (ECE) at the Georgia Institute of Technology, under the guidance of Professor Brendan Saltaformaggio in the Cyber Forensics Innovation (CyFI) Lab. He completed his Master's degree in Cybersecurity before that. His research interests lie in cyber attack forensics and binary analysis techniques. His current research focuses on cyber threats abusing prestigious web services, aiming to adopt different novel strategies to boost the analysis process.
Media Contact
Pradyumna Shome, Ph.D. Student
pradyumna.shome@gatech.edu