You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

NetSpy: Automatic Generation of Spyware Signatures for NIDS

Overview This paper presents NetSpy, a tool to automatically generate network-level signatures for spyware. NetSpy determines whether an untrusted program is spyware by correlating user input with network traffic generated by the untrusted program. If classified as spyware, NetSpy also generates a signature characterizing the malicious substrate of the spy-ware's network behavior. Such a signature can be used by network intrusion detection systems to detect spyware installations in large networks.

Further White Paper Details
Publisher	University of Wisconsin-Madison	File Format	PDF
Date Published	September 2006
Format	White Papers
Topics	Network Security, Intrusion Detection Systems, Spyware

Did you find this white paper useful? 2 out of 4 users found this white paper useful

Balancing Security Against Productivity

Publisher:
Novell

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

U.S. Bancorp: Using VeriSign to Further Strengthen Its Network Security

Publisher:
VeriSign

NAC 2.0: A new model for a more secure future

Publisher:
Sophos

Security experts warn of massive hack attack

Ryan explained: "Most other Trojan Horses, like BackOrifice, create a permanent connection so it is easier to detect. Peapod has already discovered one well-known Slovenian hacker site offering a malicious version of the software.

Channel:
Security Strategy

Anti-virus vendors failing users, claims CA chief

He added: "IT managers need to see how many IIS servers they have in order to detect where and how the worm was moving and not just detect the worm itself. Anti-virus vendors are not doing enough to protect their customers from malicious worms and...

Channel:
Security Strategy

Symantec launches multiple threat protection

It features a single update mechanism which automatically updates virus definitions, firewall rules and intrusion detection signatures. She said in a statement: "The security perimeter is rapidly disappearing, allowing today's malicious code to...

Channel:
Security Strategy

Companies urged to patch Sendmail

The flaw allows an attacker to send a specially formatted email that could take control of a mail server running Sendmail and execute a malicious program. Because the vulnerability is contained in an email message, it will bypass firewalls and many...

Microsoft anti-spyware tool gets a makeover

Microsoft has changed how it delivers signature updates for the anti-spyware application. The signatures, used to pinpoint which software is malicious, are now distributed through Windows Update, instead of through a separate tool particular to the...

eEye looks to open source for antivirus

Signature-based systems check potentially malicious software against a database of known threats while behavioural systems look at a program's behaviour to determine whether or not it is malicious. Clam AntiVirus is fast in offering signatures for...

Virtualisation: Architectual Considerations and other Evaluation Criteria

In the past several years, server virtualisation technology has moved quickly and firmly into the IT mainstream. Of the many approaches to system virtualisation available in the market today, VMware's hypervisor architecture has gained the greatest market acceptance. This paper examines the architectural issues, solution support, and enterprise readiness required when deploying such a virtualisation solution.

Publisher:
EMC

Getting Started with Master Data Management

Master data management forms part of an overall enterprise governance program that aims to establish trusted data throughout the enterprise. This white paper from Mike Ferguson of Intelligent Business Strategies defines master data, examines why it is needed, and explores methodologies for implementing master data management.

Publisher:
DataFlux

Optimising Storage with Global File Virtualisation

This white paper will provide an overview on how Rainfinity Global File Virtualisation virtualises unstructured data environments and moves data -including active, open files-without disruption to users or applications. Rainfinity is the only enterprise-class file virtualisation solution, and delivers complete NAS optimisation across geterogeneous environments, such as NAS, CAS, and file servers.

Publisher:
EMC

Also on silicon.com

Site Navigation:

Network Security White Papers

NetSpy: Automatic Generation of Spyware Signatures for NIDS

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific