Computing Reviews
Titans’ revenge: detecting Zeus via its own flaws
Riccardi M., Di Pietro R., Palanques M., Vila J. Computer Networks 57(2): 422-435, 2013. Type: Article
Date Reviewed: Jul 30 2013

Malware has become an underground industry, rapidly evolving in response to attempts by computer security experts and organizations to keep it in check. One of the most notorious examples of this pattern is Zeus malware, and specifically the Zeus crimeware toolkit, which allows individuals to create tailored Trojans that are used to establish botnets for stealing financial information. These networks have been linked to large financial losses, especially when stolen banking credentials are used to transfer large sums of money into offshore accounts [1].

The authors of this paper describe their novel approach to detecting Zeus: break its encrypted communications traffic. They have implemented this method in their own intrusion detection system (IDS), pithily named Cronus.

Given the rapidly evolving nature of malware in general, it may seem that a paper submitted in late 2011, and published in late 2012, might be outdated in late 2013. In fact, Zeus has recently resurfaced and is once more in the spotlight [2], so this research remains highly relevant for anyone interested in computer security and computer forensics. The level of technical detail in the paper will be of immense use to readers dealing directly with Zeus derivatives, as well as anyone seeking a more detailed understanding of methods that can be applied to intrusion detection problems.

Reviewer: Nathan Carlson
Review #: CR141407 (1310-0945)
1) Coogan, P. Zeus, king of the underground crimeware toolkits. Symantec Security Response blog, Aug. 25, 2009, http://www.symantec.com/connect/blogs/zeus-king-underground-crimeware-toolkits.
2) Casey, K. ZeuS malware returns, targets SMBs. InformationWeek. June 5, 2013, http://www.informationweek.com/smb/security/zeus-malware-returns-targets-smbs/240156113.
Invasive Software (K.6.5 ... )
Code Breaking (E.3 ... )
Invasive Software (D.4.6 ... )
Security and Protection (C.2.0 ... )