Verlagslink: https://tma.ifip.org/2022/wp-content/uploads/sites/11/2022/06/tma2022-paper40.pdf
Verlagslink DOI: 10.48550/arXiv.2205.02544
Titel: The race to the vulnerable : measuring the Log4j shell incident
Sprache: Englisch
Autorenschaft: Hiesgen, Raphael 
Nawrocki, Marcin 
Schmidt, Thomas C.  
Wählisch, Matthias 
Herausgeber*In: Ensafi, Roya 
Lutu, Andra 
Sperotto, Anna 
van Rijswijk-Deij, Roland 
Schlagwörter: Log4j; Log4Shell; Scanning; Security; Network Telescope
Erscheinungsdatum: 2022
Verlag: IFIP
Teil der Schriftenreihe: Proceedings of the 6th Network Traffic Measurement and Analysis Conference 
Konferenz: Network Traffic Measurement and Analysis Conference 2022 
Zusammenfassung: 
The critical remote-code-execution (RCE) Log4Shell is a severe vulnerability that was disclosed to the public on December 10,021. It exploits a bug in the wide-spread Log4j library. Any service that uses the library and exposes an interface to the Internet is potentially vulnerable. In this paper, we measure the rush of scanners during the two months after the disclosure. We use several vantage points to observe both researchers and attackers. For this purpose, we collect and analyze payloads sent by benign and malicious communication parties, their origins, and churn. We find that the initial rush of scanners quickly ebbed. Especially non-malicious scanners were only interested in the days after the disclosure. In contrast, malicious scanners continue targeting the vulnerability.
URI: http://hdl.handle.net/20.500.12738/14882
ISBN: 978-3-903176-47-8
Begutachtungsstatus: Diese Version hat ein Peer-Review-Verfahren durchlaufen (Peer Review)
Einrichtung: Department Informatik 
Fakultät Technik und Informatik 
Dokumenttyp: Konferenzveröffentlichung
Hinweise zur Quelle: Preprint: https://doi.org/10.48550/arXiv.2205.02544. Verlagsversion: https://tma.ifip.org/2022/wp-content/uploads/sites/11/2022/06/tma2022-paper40.pdf.
Enthalten in den Sammlungen:Publications without full text

Zur Langanzeige

Seitenansichten

54
checked on 26.11.2024

Google ScholarTM

Prüfe

HAW Katalog

Prüfe

Volltext ergänzen

Feedback zu diesem Datensatz


Alle Ressourcen in diesem Repository sind urheberrechtlich geschützt.