DOCSLIB.ORG

Generation of an Iot Botnet Dataset in a Medium-Sized Iot Network

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Generation of an Iot Botnet Dataset in a Medium-Sized Iot Network MedBIoT: Generation of an IoT Botnet Dataset in a Medium-sized IoT Network Alejandro Guerra-Manzanares a, Jorge Medina-Galindo, Hayretdin Bahsi b and Sven Nomm˜ c Department of Software Science, Tallinn University of Technology, Tallinn, Estonia falejandro.guerra, hayretdin.bahsi, [email protected], [email protected] Keywords: Botnet, Internet of Things, Dataset, Intrusion Detection, Anomaly Detection, IoT. Abstract: The exponential growth of the Internet of Things in conjunction with the traditional lack of security mecha- nisms and resource constraints associated with these devices have posed new risks and challenges to security in networks. IoT devices are compromised and used as amplification platforms by cyber-attackers, such as DDoS attacks. Machine learning-based intrusion detection systems aim to overcome network security lim- itations relying heavily on data quantity and quality. In the case of IoT networks these data are scarce and limited to small-sized networks. This research addresses this issue by providing a labelled behavioral IoT data set, which includes normal and actual botnet malicious network traffic, in a medium-sized IoT network infrastructure (83 IoT devices). Three prominent botnet malware are deployed and data from botnet infec- tion, propagation and communication with C&C stages are collected (Mirai, BashLite and Torii). Binary and multi-class machine learning classification models are run on the acquired data demonstrating the suitability and reliability of the generated data set for machine learning-based botnet detection IDS testing, design and deployment. The generated IoT behavioral data set is released publicly available as MedBIoT data set∗. 1 INTRODUCTION lam, 2017; Bosche et al., 2018; Pratt, 2019). Their ubiquity will pose a major challenge to secu- The adoption of the Internet on an increasing wider rity as IoT devices have traditionally lacked of proper scope, i.e., providing connectivity capabilities to ev- control measures and proactive security management eryday objects, is a reality. In fact, the rise of the (e.g., usage of default passwords, no firmware up- Internet of Things (IoT) has just begun and it is ex- dates, no access control policy), featuring them as pected to have a major increase in the near future. It high vulnerable and prone to be compromised devices was estimated that there would be 26.66 billion active (Bertino and Islam, 2017). These features have been IoT devices by 2019, a figure that may be increased exploited by malicious actors, being able to compro- up to 75 billion by 2025 (Statista, 2019). 127 new mise the defenseless devices by exploiting its vulnera- IoT devices are connected to the Internet every second bilities, gaining remote access and using them as mag- (McKinsey, 2017) in a wide range of applications, nification platforms for their massive attacks (Kolias from factories and smart cities sensors to healthcare et al., 2017). An IoT botnet is just a particular type of and car products. The market size is calculated to botnet in which the compromised devices are IoT de- grow over $212 billion by 2019 and reach $1.6 trillion vices, thus showing analogous scheme and dynamics by 2025 (Liu, 2019). However, the adoption of the to computer botnets. In this regard, when a vulnera- bot IoT technology still poses usability concerns even to ble device is compromised it becomes a , a mem- early adopters and eager customers, related to device ber of a larger community of compromised devices, botnet security and data privacy issues (Bosche et al., 2018; called , under the control of a malicious actor, botmaster Sklavos et al., 2017). Thus, despite its huge growth, the . The botmaster has remote access and the Internet of Things market explosion is still being control of the bot over the Internet, without the con- limited by its main barrier: security (Bertino and Is- sent and awareness of the actual owner of the com- promised device, using a Command&Control (C&C) server (Silva et al., 2013). Botnets have been used a https://orcid.org/0000-0002-3655-5804 to perpetrate a wide range of malicious attacks, from b https://orcid.org/0000-0001-8882-4095 c https://orcid.org/0000-0001-5571-1692 ∗Available at https://cs.taltech.ee/research/data/medbiot massive SPAM and phishing campaigns to distributed As already stated, the Internet of Things is a real- denial-of-service (DDoS), the most common usage of ity that will become ubiquitous in the following years. a botnet. A DDoS attack targets the availability of This fact combined with the lack of proper security online resources, such as websites or services. The measures and devices inherent vulnerabilities make main goal is to saturate the targeted server or network IoT devices an easy and appealing target for cyber with more traffic than it can handle (e.g., receiving attackers (Bertino and Islam, 2017). Thus, proper an overwhelming amount of messages, connection re- data are in need to create machine learning-based ef- quests or forged packets) thus provoking the service fective detection systems that may help to overcome or website to crash and become unavailable to legiti- these limitations. In this regard, there is a remarkable mate users requests (Weisman, 2019). lack of available data sets that might help to build ef- fective IDSs in IoT networks. This research aims to 1.1 Data Sets for IoT Anomaly fill this significant gap in IoT anomaly-based IDSs by Detection providing a novel IoT data set obtained from medium size IoT network architecture (more than 80 devices), which includes normal and malicious behavior from The phenomenon of botnet detection in computer net- different devices (real and emulated) and the deploy- works has been widely studied (Garcia et al., 2014; ment of prominent IoT botnets (Mirai, BashLite and Feily et al., 2009), with many available data sets at Torii). The scale extension enables to capture mal- hand (Shiravi et al., 2012), while the most recent IoT ware spreading patterns that cannot be seen in small- network botnet phenomenon has not received the re- sized networks, thus providing a more realistic envi- quired attention yet, showing a remarkable lack of ronment. Additionally, this data set includes the be- available data sources. Data sets for building effective IoT anomaly de- havior of Torii botnet malware which has not been tection methods rely on the acquisition of both le- addressed in any other data set before. Finally, this gitimate (normal) and malicious (botnet) behavioral data set provides data for the first stages of botnet de- data from IoT networks. Anomaly models are built ployment (i.e., infection, propagation and communi- and trained using only legitimate data to establish the cation with C&C server stages), thus complementing so-called normality patterns. The induced models are the available data sets which mainly focus on attack tested using legitimate and malicious data, where the detection, the main outcome and part of the last stages metrics related to model’s detection performance are of the botnet lifecycle (Hachem et al., 2011; Kiruba- evaluated. Therefore, proper and complete data are vathi and Anitha, 2014). key components for a high-performance effective in- This paper is structured as follows: Section 2 pro- trusion detection system (IDS). Table 1 summarizes vides background information and a review of re- the available data sets for IoT anomaly-based intru- lated literature, Section 3 explains the methodology sion detection systems. As can be observed, a small followed to implement the experimental setup while amount of data sets are available for the specific IoT Section 4 offers a detailed overview of the main out- botnets issue. The available data sets are focused on come of this study, a novel IoT data set for botnet small-sized IoT networks, reflecting the behavior of detection, and its verification. Finally, Section 5 con- a small set of IoT devices. Additionally, a specific cludes the study and highlights its main contributions. and small variety of devices are used (mostly security cameras) limiting the scope of the IoT devices ana- lyzed from the broad domain of available IoT devices. 2 LITERATURE REVIEW & None of the available IoT data sets combine real and emulated devices, which limit the scope of their re- BACKGROUND INFORMATION sults to either real or emulated devices. In this regard, our generated data set combines real and emulated de- 2.1 Botnets & DDoS Attacks vices, using different but common types of IoT de- vices, not investigated by previous data sets (i.e., fans, Botnets have been used to perpetrate record-breaking locks, light bulbs and switches), in a medium-sized DDoS attacks. In this regard, in 2016, the journalist network composed of more than 80 devices. Fur- Brian Krebs was the target of a record-breaking attack thermore, our data set focuses on the first stages of (620 Gbps) to its blog KrebsOnSecurity.com, specifi- a botnet deployment, such as infection and propaga- cally tailored to take the site offline (Krebs, 2016). A tion, while the rest of the data sets focus on the last month later, the french hosting provider OVH was at- stages of the botnet lifecycle, mainly detection of at- tacked by the same botnet (probably BashLite), reach- tacks (Kirubavathi and Anitha, 2014). ing 1 Tbps and involving over 140.000 compromised Table 1: Data sets for IoT Anomaly-based IDS. Number Real or Network Data set Botnet Device type Data set features Date Reference of devices Emulated Size Doorbell (Meidan et al., Webcam Mirai 2018a) N-Baiot 9 Thermostat Real Small 115 - statistics 2018 BashLite Baby monitor (Meidan et al., Security Camera 2018b) Hajime Aidra (Bezerra et al., IoT host-based BashLite Multimedia Center NA - PCAP & 2018a) datasets for ID Mirai 2 Emulated Small 2018 Security Camera Netflow/Host (Bezerra et al., research Doflo Tsunami 2018b) Wroba IoT Network Speaker (Kang et al., Mirai 2 Real Small NA - PCAP 2019 Intrusion Dataset Wi-Fi Camera 2019) Refrigerator (Moustafa, No actual Smart Garage door 2019) Bot-IoT malware - 5 Weather Monitoring Emulated Small 31+14 - flow 2019 (Koroniotis simulated Smart Lights Smart thermostat et al., 2019) cameras/dvr (Pritchard, 2018).
Load more

Recommended publications
  • Post-Mortem of a Zombie: Conficker Cleanup After Six Years Hadi Asghari, Michael Ciere, and Michel J.G
    Post-Mortem of a Zombie: Conficker Cleanup After Six Years Hadi Asghari, Michael Ciere, and Michel J.G. van Eeten, Delft University of Technology https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/asghari This paper is included in the Proceedings of the 24th USENIX Security Symposium August 12–14, 2015 • Washington, D.C. ISBN 978-1-939133-11-3 Open access to the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX Post-Mortem of a Zombie: Conficker Cleanup After Six Years Hadi Asghari, Michael Ciere and Michel J.G. van Eeten Delft University of Technology Abstract more sophisticated C&C mechanisms that are increas- ingly resilient against takeover attempts [30]. Research on botnet mitigation has focused predomi- In pale contrast to this wealth of work stands the lim- nantly on methods to technically disrupt the command- ited research into the other side of botnet mitigation: and-control infrastructure. Much less is known about the cleanup of the infected machines of end users. Af- effectiveness of large-scale efforts to clean up infected ter a botnet is successfully sinkholed, the bots or zom- machines. We analyze longitudinal data from the sink- bies basically remain waiting for the attackers to find hole of Conficker, one the largest botnets ever seen, to as- a way to reconnect to them, update their binaries and sess the impact of what has been emerging as a best prac- move the machines out of the sinkhole. This happens tice: national anti-botnet initiatives that support large- with some regularity. The recent sinkholing attempt of scale cleanup of end user machines.
    [Show full text]
  • The Botnet Chronicles a Journey to Infamy
    The Botnet Chronicles A Journey to Infamy Trend Micro, Incorporated Rik Ferguson Senior Security Advisor A Trend Micro White Paper I November 2010 The Botnet Chronicles A Journey to Infamy CONTENTS A Prelude to Evolution ....................................................................................................................4 The Botnet Saga Begins .................................................................................................................5 The Birth of Organized Crime .........................................................................................................7 The Security War Rages On ........................................................................................................... 8 Lost in the White Noise................................................................................................................. 10 Where Do We Go from Here? .......................................................................................................... 11 References ...................................................................................................................................... 12 2 WHITE PAPER I THE BOTNET CHRONICLES: A JOURNEY TO INFAMY The Botnet Chronicles A Journey to Infamy The botnet time line below shows a rundown of the botnets discussed in this white paper. Clicking each botnet’s name in blue will bring you to the page where it is described in more detail. To go back to the time line below from each page, click the ~ at the end of the section. 3 WHITE
    [Show full text]
  • Iptrust Botnet / Malware Dictionary This List Shows the Most Common Botnet and Malware Variants Tracked by Iptrust
    ipTrust Botnet / Malware Dictionary This list shows the most common botnet and malware variants tracked by ipTrust. This is not intended to be an exhaustive list, since new threat intelligence is always being added into our global Reputation Engine. NAME DESCRIPTION Conficker A/B Conficker A/B is a downloader worm that is used to propagate additional malware. The original malware it was after was rogue AV - but the army's current focus is undefined. At this point it has no other purpose but to spread. Propagation methods include a Microsoft server service vulnerability (MS08-067) - weakly protected network shares - and removable devices like USB keys. Once on a machine, it will attach itself to current processes such as explorer.exe and search for other vulnerable machines across the network. Using a list of passwords and actively searching for legitimate usernames - the ... Mariposa Mariposa was first observed in May 2009 as an emerging botnet. Since then it has infected an ever- growing number of systems; currently, in the millions. Mariposa works by installing itself in a hidden location on the compromised system and injecting code into the critical process ͞ĞdžƉůŽƌĞƌ͘ĞdžĞ͘͟/ƚŝƐknown to affect all modern Windows versions, editing the registry to allow it to automatically start upon login. Additionally, there is a guard that prevents deletion while running, and it automatically restarts upon crash/restart of explorer.exe. In essence, Mariposa opens a backdoor on the compromised computer, which grants full shell access to ... Unknown A botnet is designated 'unknown' when it is first being tracked, or before it is given a publicly- known common name.
    [Show full text]
  • Common Threats to Cyber Security Part 1 of 2
    Common Threats to Cyber Security Part 1 of 2 Table of Contents Malware .......................................................................................................................................... 2 Viruses ............................................................................................................................................. 3 Worms ............................................................................................................................................. 4 Downloaders ................................................................................................................................... 6 Attack Scripts .................................................................................................................................. 8 Botnet ........................................................................................................................................... 10 IRCBotnet Example ....................................................................................................................... 12 Trojans (Backdoor) ........................................................................................................................ 14 Denial of Service ........................................................................................................................... 18 Rootkits ......................................................................................................................................... 20 Notices .........................................................................................................................................
    [Show full text]
  • Building an Intrusion Detection System (IDS) to Neutralize Botnet Attacks
    International Journal of Computer Applications Technology and Research Volume 4– Issue 2, 103 - 107, 2015, ISSN:- 2319–8656 Malware Hunter: Building an Intrusion Detection System (IDS) to Neutralize Botnet Attacks R. Kannan A.V.Ramani Department of Computer Science Department of Computer Science Sri Ramakrishna Mission Vidyalaya Sri Ramakrishna Mission Vidyalaya College of Arts and Science College of Arts and Science Coimbatore ,Tamilnadu,India. Coimbatore ,Tamilnadu,India Abstract: Among the various forms of malware attacks such as Denial of service, Sniffer, Buffer overflows are the most dreaded threats to computer networks. These attacks are known as botnet attacks and self-propagating in nature and act as an agent or user interface to control the computers which they attack. In the process of controlling a malware, Bot header(s) use a program to control remote systems through internet with the help of zombie systems. Botnets are collection of compromised computers (Bots) which are remotely controlled by its originator (Bot-Master) under a common Command-and-Control (C&C) structure. A server commands to the bot and botnet and receives the reports from the bot. The bots use Trojan horses and subsequently communicate with a central server using IRC. Botnet employs different techniques like Honeypot, communication protocols (e.g. HTTP and DNS) to intrude in new systems in different stages of their lifecycle. Therefore, identifying the botnets has become very challenging; because the botnets are upgrading their methods periodically for affecting the networks. Here, the focus on addressing the botnet detection problem in an Enterprise Network This research introduces novel Solution to mitigate the malicious activities of Botnet attacks through the Principle of component analysis of each traffic data, measurement and countermeasure selection mechanism called Malware Hunter.
    [Show full text]
  • ITU Botnet Mitigation Toolkit Background Information
    ITU Botnet Mitigation Toolkit Background Information ICT Applications and Cybersecurity Division Policies and Strategies Department ITU Telecommunication Development Sector January 2008 Acknowledgements Botnets (also called zombie armies or drone armies) are networks of compromised computers infected with viruses or malware to turn them into “zombies” or “robots” – computers that can be controlled without the owners’ knowledge. Criminals can use the collective computing power and connected bandwidth of these externally-controlled networks for malicious purposes and criminal activities, including, inter alia, generation of spam e-mails, launching of Distributed Denial of Service (DDoS) attacks, alteration or destruction of data, and identity theft. The threat from botnets is growing fast. The latest (2007) generation of botnets such as the Storm Worm uses particularly aggressive techniques such as fast-flux networks and striking back with DDoS attacks against security vendors trying to mitigate them. An underground economy has now sprung up around botnets, yielding significant revenues for authors of computer viruses, botnet controllers and criminals who commission this illegal activity by renting botnets. In response to this growing threat, ITU is developing a Botnet Mitigation Toolkit to assist in mitigating the problem of botnets. This document provides background information on the toolkit. The toolkit, developed by Mr. Suresh Ramasubramanian, draws on existing resources, identifies relevant local and international stakeholders, and
    [Show full text]
  • Botnet Threat Tracking | Intelligence Services | Kaspersky
    INTELLIGENCE SERVICES: BOTNET THREAT TRACKING Expert monitoring and notification services to identify botnets threatening your reputation and customers Many network attacks are organized using botnets. Such attacks might target casual Internet users, but often these threats are aimed at specific organizations and their online customers. Kaspersky Lab’s expert solution tracks the activity of botnets and provides real-time notifications of threats associated with specific enterprise brands. You can use this information to advise and inform your customers, security services providers and law enforcement about current threats. Protect your organization’s reputation and customers today with Kaspersky Lab’s Botnet Threats Notification Service. TAKE ACTION WITH REAL-TIME DELIVERABLES: The service provides a subscription to personalized email or JSON format notifications containing intelligence about matching brand names by tracking keywords in the botnets monitored by Kaspersky Lab. Notifications include: Targeted URL of the botnet — Bot malware is designed to wait until the user accesses the URL(s) of the targeted organization and then starts the attack rule. Botnet type — Understand exactly what malware threat is being employed by the cybercriminal to affect your customers. Examples include Zeus, SpyEye, and Citadel. Attack type — Identify what the cybercriminals are using the malware to do; for example, web data injection, keylogging, screen wipes or video capture. Attack rules — Know what different rules of web code injection are being used such as HTML requests (GET / POST), data of web page before injection, data of web page after injection. Command and Control (C&C) server address — Enables you to notify the Internet service provider of the offending server for faster dismantling of the threat.
    [Show full text]
  • Top 5 Least Wanted Malware
    Halloween Edition WHAT IS MALWARE? Malware is an abbreviated term meaning “malicious software.” This is software that is specically designed to gain access or damage a computer without the knowledge of the owner. TOP 5 LEAST WANTED MALWARE Ransomware Botnet POS Malware RAT Browser-based 5 5 Malware 5 5 5 $ $ $ 4 $ (malware that restricts access 4 ur computer while to yo y a ransom demanding you pa 4 (also known as a zombie army) to get access back) 4 (a malicious software expressly 4 written to steal customer payment data) (Remote Access Trojan) (also known as “Man in the browser”) 2 4 1 3 5 Remote Access Trojan or RAT A malware program that includes a 1 back door for administrative control over the target computer. RATs are usually downloaded invisibly with a user-requested program – such as a game – or sent as an email attachment. Botnet (also known as a zombie army) is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Browser-based malware (also known as “Man in the browser”) is a security attack where the perpetrator 3 installs a trojan horse on a victim's computer that's capable of modifying that user's web transactions as they occur in real time. Ransomware A form of computer malware that restricts access to your 4 computer or its information, while demanding you pay a ransom to get access back. $ POS malware $ $ A malicious software $ expressly written to steal customer payment data – especially credit card data – from retail checkout.
    [Show full text]
  • The Botnet As a Vehicle for Online Crime
    Botnets as a Vehicle for Online Crime Aaron Hackworth Nicholas Ianelli © 2006 Carnegie Mellon University Agenda Overview of CERT®/CC How botnets are built What capabilities botnets possess How botnets are operated How botnets are maintained and defended Tracking Botnets and Bot Herders © 2006 Carnegie Mellon University 2 CERT®/CC Teams Vulnerability Artifact Handling Analysis Analyze flaws Study intruder in Internet developed Systems code to exploit flaws Incident Handling Measure exploitation of flaws, assist in remediation © 2006 Carnegie Mellon University 3 What You Need To Understand It is about the underground economy – Information Theft –Extortion It is about the money Malware and malicious techniques evolve as quickly as necessary to maintain or create new revenue streams The Underground Motto… ”Just enough is good enough” © 2006 Carnegie Mellon University 4 How Botnets are Built © 2006 Carnegie Mellon University Building from scratch Vulnerability exploitation – Scan – Exploit Social Engineering – Collecting a target list • Web Client Attacks • Email Attacks • Instant Messaging Attacks © 2006 Carnegie Mellon University 6 Hijacking, Purchasing, Trading Hijacking – Many botnets include packet sniffers Underground economy – Purchase – Trade © 2006 Carnegie Mellon University 7 Botnet Capabilities © 2006 Carnegie Mellon University Botnet capabilities Scanning/Autorooting © 2006 Carnegie Mellon University 9 Botnet capabilities (2) DDoS –Extortion Download and Installation – Malicious Executables – Spyware/Adware © 2006
    [Show full text]
  • Android Botnet: an Upcoming Challenge
    IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661,p-ISSN: 2278-8727, PP 05-10 www.iosrjournals.org Android Botnet: An Upcoming Challenge Sangeeta Joshi1, Dr Ravinder Khanna2, Lalit Kumar Joshi3 1 (Department of Computer Science, Mata Gujri College, Fatehgarh Sahib, India) 2(Department of Electronics, Maharishi Markandeshwar University, Sadopur, India) 3 (Department of Computer Science, Mata Gujri College, Fatehgarh Sahib, India) ABSTRACT: Mobile devices are now a day well incorporated with advanced capabilities and technologies such as the Internet, GPS, and Bluetooth etc. Mobile security has become a globally sensitive issue because of the high usage of mobile devices. But as compared to computers and computer networks, they are less protected. The user’s of these devices pay less attention to the security updates. The most popular mobile operating system today in the industry is Android. However, with the growing market share of Android smart phone, the malware (malicious software) writers have begun to target the Android operating system. Recently, the most dangerous threat which is targeting Android is ‘botnets’. In this paper, we present an introduction of Android botnets and an analysis of currently available families of botnets. By analyzing these samples we reveal common characteristics and behavior of these botnets which will aid in the identification of new malware on Android devices. Keywords – Android, Application, Botnet, Malware, Mobile, I. INTRODUCTION The appearance of new technologies and advance features of mobile devices makes mobile communication an essential part of every aspect of human activity. Mobile devices are now well integrated with the Internet; therefore, with the increasing use of these devices on a global scale, mobile security has become a fundamental issue [1].
    [Show full text]
  • Cyber Risk – Common Threats Part 1 of 2
    Cyber Risk – Common Threats Part 1 of 2 Table of Contents Threats to Information Systems ..................................................................................................... 2 Malware .......................................................................................................................................... 4 Viruses ............................................................................................................................................. 5 Virus Examples ................................................................................................................................ 6 Worms ............................................................................................................................................. 8 Brief Virus and Worm History ......................................................................................................... 9 Downloaders ................................................................................................................................. 11 Attack Scripts ................................................................................................................................ 13 Botnet -1 ....................................................................................................................................... 15 Botnet -2 ....................................................................................................................................... 17 IRCBotnet Example ......................................................................................................................
    [Show full text]
  • Malware Detection and Analysis: Challenges and Research Opportunities
    1 Malware Detection and Analysis: Challenges and Research Opportunities Zahid Akhtar Department of Network and Computer Security, State University of New York Polytechnic Institute, USA. Email: [email protected] Malwares are continuously growing in sophistication and hobbyists and cyber-offenders trying to show their ability numbers. Over the last decade, remarkable progress has been by causing havoc and to steal information potentially for achieved in anti-malware mechanisms. However, several pressing monetary gains, respectively. They are popularly known as issues (e.g., unknown malware samples detection) still need to be addressed adequately. This article first presents a concise hackers, black hats and crackers, and could be external/internal overview of malware along with anti-malware and then sum- menace, industrial spies or foreign governments. Malwares marizes various research challenges. This is a theoretical and can be used to change or erase data from victim computers, perspective article that is hoped to complement earlier articles to collect confidential information, or to hijack systems in and works. order to attack other devices, send spams, host and share illicit contents, bring down servers, penetrate networks, and cripple critical infrastructures. I. INTRODUCTION Consequently, a broad range of tools and schemes have Use of personal computers and mobile devices coupled been devised to detect and mitigate malware attacks [1]. Anti- with internet has now become integral part of everyday life. malware systems thwart malwares by determining whether This ubiquity of high interconnectivity has prompted many given program has malign intent or not [4]. Despite great serious privacy and security menaces as well as different advancement of malware defense techniques and their inces- other malicious activities.
    [Show full text]