This Article 
 Bibliographic References 
 Add to: 
A Case Study of Intelligence-Driven Defense
November/December 2011 (vol. 9 no. 6)
pp. 67-70
Dan Guido, iSEC Partners
We can mitigate the threat of mass malware by understanding the techniques, tactics, and procedures unique to this threat. An analysis of empirical attacker data indicates that basic, generic defenses, such as minor reductions of the attack surface and the use of available platform memory protection, are effective against mass malware.

1. "Update on LizaMoon Mass-Injection and Q&A," Websense, 2011; archive/2011/03/31update-on-lizamoon-mass-injection.aspx .
2. E.M. Hutchins et al., "Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains," Proc. 6th Int'l Conf. Information Warfare and Security (ICIW 11), Academic Conferences Ltd., 2010, pp. 113–125; .
3. K. Levchenko et al., "Click Trajectories: End-to-End Analysis of the Spam Value Chain," Proc. 2011 IEEE Symp. Security and Privacy, IEEE CS Press, 2011, pp. 431–446; .
4. D. Guido, "The Exploit Intelligence Project" (PowerPoint presentation), iSEC Partners, 2011; EIP-2.0.pdf.
5. StatOwl homepage; http:/
6. "Mitigating Software Vulnerabilities," Microsoft, 2011; .

Index Terms:
mass malware, exploits, computer security, intrusion kill chain, memory corruption, logic flaws, intelligence, threat, computer network defense
Dan Guido, "A Case Study of Intelligence-Driven Defense," IEEE Security & Privacy, vol. 9, no. 6, pp. 67-70, Nov.-Dec. 2011, doi:10.1109/MSP.2011.158
Usage of this product signifies your acceptance of the Terms of Use.