Explore a comprehensive analysis of cloud repository abuse in this conference talk from CCS 2016. Delve into the world of malicious cloud hosting services, examining how cybercriminals exploit these platforms for nefarious purposes. Learn about the innovative "BarFinder" technique for detecting Bad Repositories (BARs) and understand its effectiveness through rigorous evaluation. Investigate the landscape of cloud-based malware, including its lifetime, evasion tactics, and the phenomenon of bucket pollution. Gain insights into Potentially Unwanted Program (PUP) campaigns utilizing cloud services. Discover the challenges that remain in combating this emerging threat and the implications for cloud security.
Lurking Malice in the Cloud - Understanding and Detecting Cloud Repository as a Malicious Service
Association for Computing Machinery (ACM) via YouTube
Overview
Syllabus
Intro
Cloud Hosting Services
Malice lurking in the Cloud
Finding Bad Repositories (BARs)
Questions Remain Unsettled
Data Collection - Ground Truth
A Study in BARS
Feature Extraction
BarFinder
Evaluation - Unknown Set
Landscape
Lifetime and Evasion
Bucket Pollution
PUP campaign
Conclusion
Taught by
ACM CCS
