DC ElementWertSprache
dc.contributor.authorHiesgen, Raphael-
dc.contributor.authorNawrocki, Marcin-
dc.contributor.authorSchmidt, Thomas C.-
dc.contributor.authorWählisch, Matthias-
dc.date.accessioned2024-02-22T09:55:22Z-
dc.date.available2024-02-22T09:55:22Z-
dc.date.issued2022-
dc.identifier.isbn978-3-903176-47-8en_US
dc.identifier.urihttp://hdl.handle.net/20.500.12738/14882-
dc.description.abstractThe critical remote-code-execution (RCE) Log4Shell is a severe vulnerability that was disclosed to the public on December 10,021. It exploits a bug in the wide-spread Log4j library. Any service that uses the library and exposes an interface to the Internet is potentially vulnerable. In this paper, we measure the rush of scanners during the two months after the disclosure. We use several vantage points to observe both researchers and attackers. For this purpose, we collect and analyze payloads sent by benign and malicious communication parties, their origins, and churn. We find that the initial rush of scanners quickly ebbed. Especially non-malicious scanners were only interested in the days after the disclosure. In contrast, malicious scanners continue targeting the vulnerability.en
dc.language.isoenen_US
dc.publisherIFIPen_US
dc.subjectLog4jen_US
dc.subjectLog4Shellen_US
dc.subjectScanningen_US
dc.subjectSecurityen_US
dc.subjectNetwork Telescopeen_US
dc.subject.ddc004: Informatiken_US
dc.titleThe race to the vulnerable : measuring the Log4j shell incidenten
dc.typeinProceedingsen_US
dc.relation.conferenceNetwork Traffic Measurement and Analysis Conference 2022en_US
dc.description.versionPeerRevieweden_US
local.contributorPerson.editorEnsafi, Roya-
local.contributorPerson.editorLutu, Andra-
local.contributorPerson.editorSperotto, Anna-
local.contributorPerson.editorvan Rijswijk-Deij, Roland-
tuhh.oai.showtrueen_US
tuhh.publication.instituteDepartment Informatiken_US
tuhh.publication.instituteFakultät Technik und Informatiken_US
tuhh.publisher.doi10.48550/arXiv.2205.02544-
tuhh.publisher.urlhttps://tma.ifip.org/2022/wp-content/uploads/sites/11/2022/06/tma2022-paper40.pdf-
tuhh.relation.ispartofseriesProceedings of the 6th Network Traffic Measurement and Analysis Conferenceen_US
tuhh.type.opusInProceedings (Aufsatz / Paper einer Konferenz etc.)-
dc.type.casraiConference Paper-
dc.type.dinicontributionToPeriodical-
dc.type.drivercontributionToPeriodical-
dc.type.statusinfo:eu-repo/semantics/publishedVersionen_US
dcterms.DCMITypeText-
local.comment.externalPreprint: https://doi.org/10.48550/arXiv.2205.02544. Verlagsversion: https://tma.ifip.org/2022/wp-content/uploads/sites/11/2022/06/tma2022-paper40.pdf.en_US
item.seriesrefProceedings of the 6th Network Traffic Measurement and Analysis Conference-
item.tuhhseriesidProceedings of the 6th Network Traffic Measurement and Analysis Conference-
item.creatorGNDHiesgen, Raphael-
item.creatorGNDNawrocki, Marcin-
item.creatorGNDSchmidt, Thomas C.-
item.creatorGNDWählisch, Matthias-
item.languageiso639-1en-
item.cerifentitytypePublications-
item.openairecristypehttp://purl.org/coar/resource_type/c_5794-
item.creatorOrcidHiesgen, Raphael-
item.creatorOrcidNawrocki, Marcin-
item.creatorOrcidSchmidt, Thomas C.-
item.creatorOrcidWählisch, Matthias-
item.fulltextNo Fulltext-
item.grantfulltextnone-
item.openairetypeinProceedings-
crisitem.author.deptDepartment Informatik-
crisitem.author.deptDepartment Informatik-
crisitem.author.orcid0000-0002-0956-7885-
crisitem.author.parentorgFakultät Technik und Informatik-
crisitem.author.parentorgFakultät Technik und Informatik-
Enthalten in den Sammlungen:Publications without full text
Zur Kurzanzeige

Seitenansichten

54
checked on 26.11.2024

Google ScholarTM

Prüfe

HAW Katalog

Prüfe

Volltext ergänzen

Feedback zu diesem Datensatz


Alle Ressourcen in diesem Repository sind urheberrechtlich geschützt.