You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

SpyCon: Emulating User Activities to Detect Evasive Spyware

Overview The success of any spyware is determined by its ability to evade detection. Although traditional detection methodologies employing signature and anomaly based systems have had reasonable success, new class of spyware programs emerge which blend in with user activities to avoid detection. One of the latest anti-spyware technologies consists of a local agent that generates honeytokens of known parameters (e.g., network access requests) and tricks spyware into assuming it to be legitimate activity. This paper describes the deficiencies of static honeytoken generation and presents an attack that circumvents such detection techniques. The author synthesizes the attack by means of data mining algorithms like associative rule mining.

Further White Paper Details
Publisher	University at Buffalo	File Format	PDF
Date Published	February 2007
Format	White Papers
Topics	Network Security, Security Management, Spyware

Did you find this white paper useful?

Balancing Security Against Productivity

Publisher:
Novell

Security: New strides in preventing intrusions.

Publisher:
IBM

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

Hughes' PCI Compliant Network Solutions Reduce Costs, Save Time, and Preserve Customer Loyalty

Publisher:
IBM

Terrorist or traveller? Software will decide

The airline industry could reduce the threat of terrorist attack by employing data mining techniques to identify potential suspects. HNC Software, a specialist in fraud detection, is teaming up with PROS Revenue Management to develop the world's...

Channel:
Applications

Latest worm threat is spotted early

While the company is yet to carry out a detailed analysis of the code, there are indications its creators are seeding the email in preparation for a denial of service attack. MessageLabs said the threat alarm policy of its scanning engine, Sceptic...

Channel:
Security Strategy
Tags:
worm

Spyware infiltrates the ad industry

It found that a program called 'CoolWebSearch', which avoids detection by many anti-spyware tools, was the most widespread "threat" it found. Spyware writers are generating $2bn (£1bn) of revenue annually after capturing 25 per cent of the online...

Channel:
Malware
Tags:
spyware

Microsoft anti-spyware tool gets a makeover

The program is designed to protect PCs against spyware, which is software that is installed on a system to watch the user's activity without his or her knowledge. Microsoft has changed how it delivers signature updates for the anti-spyware...

Anti-spyware group agrees detection guidelines

Although adware makers say there are legitimate uses for their programs, an entire anti-spyware market has been spawned to combat the stuff. said on Thursday that it has finalised its spyware detection guidelines.

Q&A: Cisco CSO John Stewart

We still use antivirus, we still use anti-spyware, those are key elements. I can go download spyware or Kazaa onto my PC, John is going to take care of it, it is not really my deal? The first and best defence we use on computers at Cisco is the...

Featured White Papers

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Network Security White Papers

SpyCon: Emulating User Activities to Detect Evasive Spyware

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

Europe

United States

Asia Pacific