
Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY:

This analysis explores the use of traffic distribution systems (TDS) by threat actors to redirect network traffic for illicit purposes like phishing and malvertising. TDS act as central hubs, obfuscating final destinations and hindering detection. The study found that malicious TDS exhibit distinct topological characteristics compared to benign networks, including longer redirection chains, more URLs, and higher connectivity. Using these insights, a machine learning-based detection system was developed to identify various types of malicious TDS infrastructure. The research also presents case studies of TDS usage in phishing campaigns, malvertising, darknet services, and cloaking techniques.

OPENCTI LABELS:

phishing, malvertising, cloaking, darknet, traffic distribution systems


Open in the NetmanageIT OpenCTI public instance using the link below.


NOTE: Use the public read-only username and password shown on the login page banner.


Beneath the Surface: Detecting and Blocking Hidden Malicious Traffic Distribution Systems