You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

Embedded Malware Detection Using Markov n-grams

Tags:
network security

Overview Embedded malware is a recently discovered security threat that allows malcode to be hidden inside a benign file. It has been shown that embedded malware is not detected by commercial antivirus software even when the malware signature is present in the antivirus database. This paper presents a novel anomaly detection scheme to detect embedded malware. They first analyze byte sequences in benign files to show that benign files' data generally exhibit a 1-st order dependence structure. Consequently, conditional n-grams provide a more meaningful representation of a file's statistical properties than traditional n-grams. To capture and leverage this correlation structure for embedded malware detection, they model the conditional distributions as Markov n-grams.

Further White Paper Details
Publisher	NUST Institute of Information Technology	File Format	PDF
Date Published	February 2008
Format	White Papers
Topics	Network Security, Security Management, Spyware

Did you find this white paper useful?

Balancing Security Against Productivity

What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...

Publisher:
Novell

Security: New strides in preventing intrusions.

Need help eliminating risk in your IT environment? This ForwardView webshow describes how security appliances, which incorporate an array of security functions, can help you ward off security breaches without...

Publisher:
IBM

MessageLabs Intelligence : 2009 security Predictions

Having analyzed the global threat landscape for almost a decade, MessageLabs Team Skeptic™ is comprised of many world-renowned malware and spam experts who have a global view of threats across...

Publisher:
MessageLabs, now part of Symantec

IDC Vendor Spotlight

Organised ubiquity is a must for organisations to sucessfully "project" their users in any given landspace, at any given time, with secuirty policy. This White Paper covers issues surrounding secure...

Publisher:
BeCrypt

Trend Micro Enterprise Security white paper

This white paper reviews the content security threat landscape and how it has evolved into a more dangerous and high risk environment. The paper discussed how conventional content security approaches...

Publisher:
Trend Micro

Virus 'double whammy' hits users

Antivirus vendors were very quick to upgrade the Netsky.D worm to their highest threat rating. Cluley said: "However good an ISP, web email account or antivirus gateway product may be at scanning email, it will be useless at detecting the worm...

Windows JPEG worm spreading over AOL IM

And even if users change the settings on antivirus software, the JPEG file extensions can be manipulated to avoid detection By default, antivirus software only scans for .exe files. Antivirus expert Mikko Hypponen of F-Secure yesterday warned that...

Channel:
Malware

Lexus slams brakes on in-car virus theory

Cabir, the first worm known to target smart phones, uses the Bluetooth short-range wireless feature of handsets running on the Symbian operating system to detect other Symbian phones, and then transfers itself to the new host as a package file.

Channel:
Malware

Symantec patents virus-detection technology

All of this is making it very difficult for traditional antivirus scanners to detect an infection, because the infection is located or spread into regions where you wouldn't expect to see them. Traditional antivirus software works by scanning the...

Channel:
Security Strategy

Trojan targets companies' top brass

It shows that signature based antivirus is not enough; you need more technology than that. A is for Antivirus C-level employees of publicly listed companies are being targeted by cyber criminals using malware-infected RTF (Rich Text File) documents...

Norton 2010: Gunning for mutating malware

Debuting on Wednesday, both the basic Norton AntiVirus 2010 and the more robust Norton Internet Security 2010 will use Quorum, which Symantec is calling an advanced security network based both on traditional malware signatures and on reputation...

Channel:
Malware
Tags:
antivirus,
symantec

Featured White Papers

The Value of Location Intelligence in the Communications Industry

Public Services are under pressure, the challenge is to do more with less. How do you improve citizen satisfaction, increase cost efficiencies and improve service delivery? The power of location intelligence is helping many local authorities and government departments make more informed decisions and derive greater value from current location-based information and data. Read this whitepaper to see how you can take advantage of location intelligence.

Publisher:
Pitney Bowes

Best Practices for Translating Customer Satisfaction into Revenue

Today's support organisations are focused on two top-level metrics: financial results and customer satisfaction. For most, it's easy to track financial performance, but customer satisfaction is akin to speaking a foreign language. How do you quantify customer satisfaction? Download the Best Practices for Benchmarking Customer Satisfaction to get industry research the Association of Support Professionals (ASP) on how to measure and leverage customer satisfaction.

Publisher:
Citrix Online

HP print solutions and 3M

the objective for 3M was to optimize office printing infrastructure at 3Mlocations worldwide Reduce total cost and environmental footprint. Some of the business benefits acheived by switching to HP print soultions, More than $3 million in savings in first two years and Per page costs reduced by up to 90 percent.