The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - November/December (2011 vol.9)
pp: 67-70
Dan Guido , iSEC Partners
ABSTRACT
We can mitigate the threat of mass malware by understanding the techniques, tactics, and procedures unique to this threat. An analysis of empirical attacker data indicates that basic, generic defenses, such as minor reductions of the attack surface and the use of available platform memory protection, are effective against mass malware.
INDEX TERMS
mass malware, exploits, computer security, intrusion kill chain, memory corruption, logic flaws, intelligence, threat, computer network defense
CITATION
Dan Guido, "A Case Study of Intelligence-Driven Defense", IEEE Security & Privacy, vol.9, no. 6, pp. 67-70, November/December 2011, doi:10.1109/MSP.2011.158
REFERENCES
1. "Update on LizaMoon Mass-Injection and Q&A," Websense, 2011; http://community.websense.com/blogs/securitylabs/ archive/2011/03/31update-on-lizamoon-mass-injection.aspx .
2. E.M. Hutchins et al., "Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains," Proc. 6th Int'l Conf. Information Warfare and Security (ICIW 11), Academic Conferences Ltd., 2010, pp. 113–125; http://papers.rohanamin.com/wp-content/uploads/ papers.rohanamin.com/2011/08iciw2011.pdf .
3. K. Levchenko et al., "Click Trajectories: End-to-End Analysis of the Spam Value Chain," Proc. 2011 IEEE Symp. Security and Privacy, IEEE CS Press, 2011, pp. 431–446; http://cseweb.ucsd.edu/~savage/papersOakland11.pdf .
4. D. Guido, "The Exploit Intelligence Project" (PowerPoint presentation), iSEC Partners, 2011; www.isecpartners.com/storage/docs/presentations EIP-2.0.pdf.
5. StatOwl homepage; http:/statowl.com.
6. "Mitigating Software Vulnerabilities," Microsoft, 2011; www.microsoft.com/download/endetails.aspx?displaylang=en&id=26788 .
33 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool