We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.CR
< prev | next >
new | recent | 2205

Change to browse by:

cs

References & Citations

DBLP - CS Bibliography

listing | bibtex

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo

Computer Science > Cryptography and Security

Title: The Race to the Vulnerable: Measuring the Log4j Shell Incident

Authors: Raphael Hiesgen, Marcin Nawrocki, Thomas C. Schmidt, Matthias Wählisch
(Submitted on 5 May 2022 (v1), last revised 7 Jun 2022 (this version, v2))
Abstract: The critical remote-code-execution (RCE) Log4Shell is a severe vulnerability that was disclosed to the public on December 10, 2021. It exploits a bug in the wide-spread Log4j library. Any service that uses the library and exposes an interface to the Internet is potentially vulnerable.
In this paper, we measure the rush of scanners during the two months after the disclosure. We use several vantage points to observe both researchers and attackers. For this purpose, we collect and analyze payloads sent by benign and malicious communication parties, their origins, and churn. We find that the initial rush of scanners quickly ebbed. Especially non-malicious scanners were only interested in the days after the disclosure. In contrast, malicious scanners continue targeting the vulnerability.
Comments: Proc. of Network Traffic Measurement and Analysis Conference (TMA '22), camera ready
Subjects: Cryptography and Security (cs.CR)
Cite as: arXiv:2205.02544 [cs.CR]
  (or arXiv:2205.02544v2 [cs.CR] for this version)

Submission history

From: Raphael Hiesgen [view email]
[v1] Thu, 5 May 2022 10:08:57 GMT (333kb,D)
[v2] Tue, 7 Jun 2022 13:56:20 GMT (338kb,D)
Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)

Link back to: arXiv, form interface, contact.