| 言語種別 | 英語 |
|---|---|
| 発行・発表の年月 | 2023/05/29 |
| 形態種別 | 学術研究論文 |
| 査読 | 査読あり |
| 標題 | Stargazer: Long-term and Multiregional Measurement of Timing/Geolocation-based Cloaking |
| 執筆形態 | 共著 |
| 掲載誌名 | IEEE Access |
| 掲載区分 | 国外 |
| 出版社・発行元 | Institute of Electrical and Electronics Engineers (IEEE) |
| 巻・号・頁 | 11,52750-52762 |
| 総ページ数 | 13 |
| 担当区分 | 責任著者 |
| 著者・共著者 | Shota Fujii; Takayuki Sato; Sho Aoki; Yu Tsuda; Nobutaka Kawaguchi; Tomohiro Shigemoto; Masato Terada; |
| 概要 | We are currently engaged in a long-term cloaking study of a broader range of threats. In the present study, we implemented Stargazer, which actively monitors malicious hosts and detects geographic and temporal cloaking, and collected 30,359,410 observations between November 2019 and February 2022 for 18,397 targets from 13 sites where our sensors are installed. Our analysis confirmed that cloaking techniques are widely abused, i.e., not only in the context of specific threats such as phishing. This includes geographic and time-based cloaking, which is difficult to detect with single-site or one-shot observations. Furthermore, we found that malicious hosts that perform cloaking include those that survive for relatively long periods of time, and those whose contents are not present in VirusTotal. This suggests that it is not easy to observe and analyze the cloaking malicious hosts with existing technologies. |