The Experts below are selected from a list of 14643 Experts worldwide ranked by ideXlab platform
Konrad Rieck - One of the best experts on this subject based on the ideXlab platform.
-
AsiaCCS - Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks
Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 2017Co-Authors: Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi, Konrad RieckAbstract:Although anti-Virus Software has significantly evolved over the last decade, classic signature matching based on byte patterns is still a prevalent concept for identifying security threats. Anti-Virus signatures are a simple and fast detection mechanism that can complement more sophisticated analysis strategies. However, if signatures are not designed with care, they can turn from a defensive mechanism into an instrument of attack. In this paper, we present a novel method for automatically deriving signatures from anti-Virus Software and discuss how the extracted signatures can be used to attack sensible data with the aid of the Virus scanner itself. To this end, we study the practicability of our approach using four commercial products and exemplary demonstrate anti-Virus assisted attacks in three different scenarios.
-
From Malware Signatures to Anti-Virus Assisted Attacks.
arXiv: Cryptography and Security, 2016Co-Authors: Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi, Konrad RieckAbstract:Although anti-Virus Software has significantly evolved over the last decade, classic signature matching based on byte patterns is still a prevalent concept for identifying security threats. Anti-Virus signatures are a simple and fast detection mechanism that can complement more sophisticated analysis strategies. However, if signatures are not designed with care, they can turn from a defensive mechanism into an instrument of attack. In this paper, we present a novel method for automatically deriving signatures from anti-Virus Software and demonstrate how the extracted signatures can be used to attack sensible data with the aid of the Virus scanner itself. We study the practicability of our approach using four commercial products and exemplarily discuss a novel attack vector made possible by insufficiently designed signatures. Our research indicates that there is an urgent need to improve pattern-based signatures if used in anti-Virus Software and to pursue alternative detection approaches in such products.
Christian Wressnegger - One of the best experts on this subject based on the ideXlab platform.
-
AsiaCCS - Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks
Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 2017Co-Authors: Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi, Konrad RieckAbstract:Although anti-Virus Software has significantly evolved over the last decade, classic signature matching based on byte patterns is still a prevalent concept for identifying security threats. Anti-Virus signatures are a simple and fast detection mechanism that can complement more sophisticated analysis strategies. However, if signatures are not designed with care, they can turn from a defensive mechanism into an instrument of attack. In this paper, we present a novel method for automatically deriving signatures from anti-Virus Software and discuss how the extracted signatures can be used to attack sensible data with the aid of the Virus scanner itself. To this end, we study the practicability of our approach using four commercial products and exemplary demonstrate anti-Virus assisted attacks in three different scenarios.
-
From Malware Signatures to Anti-Virus Assisted Attacks.
arXiv: Cryptography and Security, 2016Co-Authors: Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi, Konrad RieckAbstract:Although anti-Virus Software has significantly evolved over the last decade, classic signature matching based on byte patterns is still a prevalent concept for identifying security threats. Anti-Virus signatures are a simple and fast detection mechanism that can complement more sophisticated analysis strategies. However, if signatures are not designed with care, they can turn from a defensive mechanism into an instrument of attack. In this paper, we present a novel method for automatically deriving signatures from anti-Virus Software and demonstrate how the extracted signatures can be used to attack sensible data with the aid of the Virus scanner itself. We study the practicability of our approach using four commercial products and exemplarily discuss a novel attack vector made possible by insufficiently designed signatures. Our research indicates that there is an urgent need to improve pattern-based signatures if used in anti-Virus Software and to pursue alternative detection approaches in such products.
Richard Ford - One of the best experts on this subject based on the ideXlab platform.
-
Real world anti-Virus product reviews and evaluations - Part 2
Network Security, 1997Co-Authors: Sarah Gordon, Richard FordAbstract:This article discusses frequently encountered errors in the evaluation process relative to anti-Virus Software selection by examining some of the methods commonly used by corporate and governmental personnel working in the area of Management Information Systems (MIS). In addition to discussing inherent problems, we will suggest alternative methodologies for evaluation. We will examine commercial certification processes, as well as the Information Technology Security Evaluation and Certification (ITSEC) approach, as possible models for anti-Virus product evaluation and certification. Finally, we will discuss ways in which the information which is currently available may be used to help select anti-Virus Software which is both functional and cost efficient.
-
Real world anti-Virus product reviews and evaluations - Part 1
Network Security, 1996Co-Authors: Sarah Gordon, Richard FordAbstract:This article discusses frequently encountered errors in the evaluation process relative to anti-Virus Software selection by examining some of the methods commonly used by corporate and governmental personnel working in the area of Management Information Systems (MIS). In addition to discussing inherent problems, we will suggest alternative methodologies for evaluation. We will examine commercial certification processes, as well as the Information Technology Security Evaluation and Certification (ITSEC) approach, as possible models for anti-Virus product evaluation and certification. Finally, we will discuss ways in which the Information which is currently available may be used to help select anti-Virus Software which is both functional and cost efficient.
Kevin Freeman - One of the best experts on this subject based on the ideXlab platform.
-
AsiaCCS - Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks
Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 2017Co-Authors: Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi, Konrad RieckAbstract:Although anti-Virus Software has significantly evolved over the last decade, classic signature matching based on byte patterns is still a prevalent concept for identifying security threats. Anti-Virus signatures are a simple and fast detection mechanism that can complement more sophisticated analysis strategies. However, if signatures are not designed with care, they can turn from a defensive mechanism into an instrument of attack. In this paper, we present a novel method for automatically deriving signatures from anti-Virus Software and discuss how the extracted signatures can be used to attack sensible data with the aid of the Virus scanner itself. To this end, we study the practicability of our approach using four commercial products and exemplary demonstrate anti-Virus assisted attacks in three different scenarios.
-
From Malware Signatures to Anti-Virus Assisted Attacks.
arXiv: Cryptography and Security, 2016Co-Authors: Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi, Konrad RieckAbstract:Although anti-Virus Software has significantly evolved over the last decade, classic signature matching based on byte patterns is still a prevalent concept for identifying security threats. Anti-Virus signatures are a simple and fast detection mechanism that can complement more sophisticated analysis strategies. However, if signatures are not designed with care, they can turn from a defensive mechanism into an instrument of attack. In this paper, we present a novel method for automatically deriving signatures from anti-Virus Software and demonstrate how the extracted signatures can be used to attack sensible data with the aid of the Virus scanner itself. We study the practicability of our approach using four commercial products and exemplarily discuss a novel attack vector made possible by insufficiently designed signatures. Our research indicates that there is an urgent need to improve pattern-based signatures if used in anti-Virus Software and to pursue alternative detection approaches in such products.
Fabian Yamaguchi - One of the best experts on this subject based on the ideXlab platform.
-
AsiaCCS - Automatically Inferring Malware Signatures for Anti-Virus Assisted Attacks
Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 2017Co-Authors: Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi, Konrad RieckAbstract:Although anti-Virus Software has significantly evolved over the last decade, classic signature matching based on byte patterns is still a prevalent concept for identifying security threats. Anti-Virus signatures are a simple and fast detection mechanism that can complement more sophisticated analysis strategies. However, if signatures are not designed with care, they can turn from a defensive mechanism into an instrument of attack. In this paper, we present a novel method for automatically deriving signatures from anti-Virus Software and discuss how the extracted signatures can be used to attack sensible data with the aid of the Virus scanner itself. To this end, we study the practicability of our approach using four commercial products and exemplary demonstrate anti-Virus assisted attacks in three different scenarios.
-
From Malware Signatures to Anti-Virus Assisted Attacks.
arXiv: Cryptography and Security, 2016Co-Authors: Christian Wressnegger, Kevin Freeman, Fabian Yamaguchi, Konrad RieckAbstract:Although anti-Virus Software has significantly evolved over the last decade, classic signature matching based on byte patterns is still a prevalent concept for identifying security threats. Anti-Virus signatures are a simple and fast detection mechanism that can complement more sophisticated analysis strategies. However, if signatures are not designed with care, they can turn from a defensive mechanism into an instrument of attack. In this paper, we present a novel method for automatically deriving signatures from anti-Virus Software and demonstrate how the extracted signatures can be used to attack sensible data with the aid of the Virus scanner itself. We study the practicability of our approach using four commercial products and exemplarily discuss a novel attack vector made possible by insufficiently designed signatures. Our research indicates that there is an urgent need to improve pattern-based signatures if used in anti-Virus Software and to pursue alternative detection approaches in such products.
