This book captures the state of the art research in the area of malicious code detection, prevention and mitigation. It contains cutting-edge behavior-based techniques to analyze and detect obfuscated malware, and it analyzes current trends in malware activity online.

Shared resources, such as the Internet, have created a highly interconnected cyber-infrastructure. Critical infrastructures in domains such as medical, power, telecommunications, and finance are highly dependent on information systems. These two factors have exposed our critical infrastructures to malicious attacks and accidental failures. Many malicious attacks are achieved by malicious code or malware, such as viruses and worms. Given the deleterious affects of malware on our cyber infrastructure, identifying malicious programs is an important goal. Unfortunately, malware detectors have not kept pace with the evasion techniques commonly used by hackers, i.e., the good guys are falling behind in the arms race .

Malware Detection captures the state of the art research in the area of malicious code detection, prevention and mitigation.

Cutting-edge behavior-based techniques to analyze & detect obfuscated malware Analyzes current trends in malware activity online, including botnets and malicious code for profit Proposes effective models for detection & prevention of attacks using cooperation & collaboration between detectors Introduces novel techniques for creating services that protect their own integrity and safety, plus the data they manage Includes supplementary material: sn.pub/extras

Klappentext

Many malicious attacks are achieved by malicious code or malware, such as viruses and worms. Shared resources, such as the Internet, have created a highly interconnected cyber-infrastructure. Critical infrastructures in domains such as medical, power, telecommunications, and finance are highly dependent on information systems. These two factors have exposed our critical infrastructures to malicious attacks and accidental failures. Given the deleterious affects of malware on our cyber infrastructure, identifying malicious programs is an important goal. Unfortunately, malware detectors have not kept pace with the evasion techniques commonly used by hackers--the good guys are falling behind in the arms race.

Malware Detection , based on the Special ARO/DHS Workshop on Malware Detection at Rosslyn, VA, in 2005, captures the state of the art research in the area of malicious code detection, prevention and mitigation.

This edited volume is intended for researchers and developers working on malicious code (malware) detection, prevention and mitigation. In addition it can be used for a senior level undergraduate course, or for a graduate course in the area of computer and software security.

Inhalt
Overview.- Malware Evolution: A Snapshot of Threats and Countermeasures in 2005.- Software Analysis and Assurance.- Static Disassembly and Code Analysis.- A Next-Generation Platform for Analyzing Executables.- Behavioral and Structural Properties of Malicious Code.- Detection and Prevention of SQL Injection Attacks.- Distributed Threat Detection and Defense.- Very Fast Containment of Scanning Worms, Revisited.- Sting: An End-to-End Self-Healing System for Defending against Internet Worms.- An Inside Look at Botnets.- Can Cooperative Intrusion Detectors Challenge the Base-Rate Fallacy?.- Stealthy and Targeted Threat Detection and Defense.- Composite Hybrid Techniques For Defending Against Targeted Attacks.- Towards Stealthy Malware Detection.- Novel Techniques for Constructing Trustworthy Services.- Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems.- Principles of Secure Information Flow Analysis.