ISBN: (print) 9781467369497
Vulnerability exploits remain an important mechanism for malware delivery, despite efforts to speed up the creation of patches and improvements in software updating mechanisms. Vulnerabilities in client applications (e.g., browsers, multimedia players, document readers and editors) are often exploited in spear phishing attacks and are difficult to characterize using network vulnerability scanners. Analyzing their lifecycle requires observing the deployment of patches on hosts around the world. Using data collected over 5 years on 8.4 million hosts, available through Symantec's WINE platform, we present the first systematic study of patch deployment in client-side vulnerabilities. We analyze the patch deployment process of 1,593 vulnerabilities from 10 popular client applications, and we identify several new threats presented by multiple installations of the same program and by shared libraries distributed with several applications. For the 80 vulnerabilities in our dataset that affect code shared by two applications, the time between patch releases in the different applications is up to 118 days (with a median of 11 days). Furthermore, as the patching rates differ considerably among applications, many hosts patch the vulnerability in one application but not in the other one. We demonstrate two novel attacks that enable exploitation by invoking old versions of applications that are used infrequently, but remain installed. We also find that the median fraction of vulnerable hosts patched when exploits are released is at most 14%. Finally, we show that the patching rate is affected by user-specific and application-specific factors; for example, hosts belonging to security analysts and applications with an automated updating mechanism have significantly lower median times to patch.
ISBN: (print) 9781467384605
Anti-virus companies receive extensive quantities of malware variants daily; therefore, it is essential to automatically classify them into their corresponding malware family. Here, we apply an efficient statistical approach to identify and render critical malicious patterns into malware families, which are essential elements of automated classification of known and unknown malware variants in large quantities. Critical malicious patterns are the most frequent basic blocks, which are present most often in one specific malware family, and comparatively less in all other malware families. By computing the distribution frequency of each distinct basic block residing in all the malware families, the importance of being a potential representative of a critical malicious pattern for a specific malware family is measured. This value is carefully computed by considering the population of each malware family, and the distribution frequency ratio of every distinct basic block among the different malware families. The results show that known and unknown malware variants can be effectively and accurately classified into their related malware family using this approach.
With the rise in the number of technologies with which we can build web applications and mobile applications, it is usually a tough task to decide which technology is the best for the project to save time and effort and increase velocity of the project in hand. Web technology has seen a huge amount of transformation in recent years, and with open source projects like Apache Cordova, it is now possible to build cross-platform mobile applications using web technologies. With the server-side platform Node.js, it is now possible to build server-side applications in JavaScript. This piece discusses and demonstrates the use of JavaScript in both server-side and client-side applications, how the client-side JavaScript code can be shared between both web and mobile applications, and different tools and frameworks which will help in the process of making the whole application, including topics like integration and end-to-end testing, in a short amount of time.
ISBN: (print) 9781467384612
Anti-virus companies receive extensive quantities of malware variants daily; therefore, it is essential to automatically classify them into their corresponding malware family. Here, we apply an efficient statistical approach to identify and render critical malicious patterns into malware families, which are essential elements of automated classification of known and unknown malware variants in large quantities. Critical malicious patterns are the most frequent basic blocks, which are present most often in one specific malware family, and comparatively less in all other malware families. By computing the distribution frequency of each distinct basic block residing in all the malware families, the importance of being a potential representative of a critical malicious pattern for a specific malware family is measured. This value is carefully computed by considering the population of each malware family, and the distribution frequency ratio of every distinct basic block among the different malware families. The results show that known and unknown malware variants can be effectively and accurately classified into their related malware family using this approach.