A Case Study of Intelligence-Driven Defense

Dan Guido

doi:10.1109/MSP.2011.158

Security&Privacy
2011
Issue No. 6 - November/December
Abstract - A Case Study of Intelligence-Driven Defense

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Dan Guido

A Case Study of Intelligence-Driven Defense

November/December 2011 (vol. 9 no. 6)

pp. 67-70

	ASCII Text	x
	Dan Guido, "A Case Study of Intelligence-Driven Defense," IEEE Security & Privacy, vol. 9, no. 6, pp. 67-70, November/December, 2011.

	BibTex	x
	@article{ 10.1109/MSP.2011.158, author = {Dan Guido}, title = {A Case Study of Intelligence-Driven Defense}, journal ={IEEE Security & Privacy}, volume = {9}, number = {6}, issn = {1540-7993}, year = {2011}, pages = {67-70}, doi = {http://doi.ieeecomputersociety.org/10.1109/MSP.2011.158}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Security & Privacy TI - A Case Study of Intelligence-Driven Defense IS - 6 SN - 1540-7993 SP67 EP70 EPD - 67-70 A1 - Dan Guido, PY - 2011 KW - mass malware KW - exploits KW - computer security KW - intrusion kill chain KW - memory corruption KW - logic flaws KW - intelligence KW - threat KW - computer network defense VL - 9 JA - IEEE Security & Privacy ER -

Dan Guido, iSEC Partners

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2011.158

We can mitigate the threat of mass malware by understanding the techniques, tactics, and procedures unique to this threat. An analysis of empirical attacker data indicates that basic, generic defenses, such as minor reductions of the attack surface and the use of available platform memory protection, are effective against mass malware.

1. "Update on LizaMoon Mass-Injection and Q&A," Websense, 2011; http://community.websense.com/blogs/securitylabs/ archive/2011/03/31update-on-lizamoon-mass-injection.aspx .
2. E.M. Hutchins et al., "Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains," Proc. 6th Int'l Conf. Information Warfare and Security (ICIW 11), Academic Conferences Ltd., 2010, pp. 113–125; http://papers.rohanamin.com/wp-content/uploads/ papers.rohanamin.com/2011/08iciw2011.pdf .
3. K. Levchenko et al., "Click Trajectories: End-to-End Analysis of the Spam Value Chain," Proc. 2011 IEEE Symp. Security and Privacy, IEEE CS Press, 2011, pp. 431–446; http://cseweb.ucsd.edu/~savage/papersOakland11.pdf .
4. D. Guido, "The Exploit Intelligence Project" (PowerPoint presentation), iSEC Partners, 2011; www.isecpartners.com/storage/docs/presentations EIP-2.0.pdf.
5. StatOwl homepage; http:/statowl.com.
6. "Mitigating Software Vulnerabilities," Microsoft, 2011; www.microsoft.com/download/endetails.aspx?displaylang=en&id=26788 .

Index Terms:

mass malware, exploits, computer security, intrusion kill chain, memory corruption, logic flaws, intelligence, threat, computer network defense

Citation:

Dan Guido, "A Case Study of Intelligence-Driven Defense," IEEE Security & Privacy, vol. 9, no. 6, pp. 67-70, Nov.-Dec. 2011, doi:10.1109/MSP.2011.158

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.