System Network Activity Monitoring for Malware Threats Detection
Monitoring network communication has for years been one of the primary methods used to combat network threats. Recent attacks on corporate networks show that classical perimeter-centric detection methods, based on signature analysis, statistical anomalies or heuristics and aimed at protection from the outside, do not work and are easily circumvented by new generations of malware. The need for an additional, internal line of defense, aimed at detecting and blocking what has already penetrated inside and operates within the network environment, is becoming increasingly apparent. The paper presents such a solution: a new method for threat detection based on a novel principle, local monitoring and analysis of the system's and applications' network activity, which detects traces of malware operation down to the level of the individual process running on the system.
Keywords: outbound traffic monitoring, malware infection detection, system network activity, multi-level system defense
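The principle described in the abstract, local per-process monitoring of outbound activity, can be illustrated with a small detector. The code below is an added example and not the paper's own implementation; the connection records, the process baseline and the port/IP values are all constructed, and on a real host such records would be assumed to come from a socket-to-process enumeration (for instance `psutil.net_connections()`), which the paper does not specify.

```python
# Added example (not from the paper): a local, per-process outbound-connection
# monitor. Each record maps an outbound connection to the process that opened it,
# which is what lets detection reach the process level rather than the perimeter.
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample records: (time_s, pid, process, remote_ip, remote_port)
SAMPLE = [
    (0,   4101, "outlook.exe", "198.51.100.20", 443),
    (5,   4101, "outlook.exe", "198.51.100.21", 443),
    (10,  2231, "chrome.exe",  "198.51.100.30", 443),
    (60,  5120, "svchost.exe", "203.0.113.7",   8443),
    (120, 5120, "svchost.exe", "203.0.113.7",   8443),
    (180, 5120, "svchost.exe", "203.0.113.7",   8443),
    (240, 5120, "svchost.exe", "203.0.113.7",   8443),
    (33,  7007, "updater.exe", "203.0.113.9",   8080),
]

# Constructed local policy: process name -> remote ports it is expected to use.
BASELINE = {"outlook.exe": {443, 993}, "chrome.exe": {80, 443}}

def flag_unexpected(records, baseline):
    """Flag connections from processes with no baseline, or to ports outside it."""
    alerts = []
    for _t, pid, proc, ip, port in records:
        allowed = baseline.get(proc)
        if allowed is None or port not in allowed:
            alerts.append((proc, pid, ip, port))
    return alerts

def flag_beaconing(records, min_samples=4, max_jitter=0.1):
    """Flag (process, ip, port) flows whose inter-connection gaps are nearly constant,
    a common trace of a process checking in with a remote controller."""
    times = defaultdict(list)
    for t, _pid, proc, ip, port in records:
        times[(proc, ip, port)].append(t)
    beacons = []
    for key, ts in times.items():
        if len(ts) < min_samples:
            continue
        ts.sort()
        gaps = [b - a for a, b in zip(ts, ts[1:])]
        m = mean(gaps)
        if m > 0 and pstdev(gaps) / m <= max_jitter:
            beacons.append((key, m))   # (flow, mean interval in seconds)
    return beacons

if __name__ == "__main__":
    for a in flag_unexpected(SAMPLE, BASELINE):
        print("unexpected outbound:", a)
    for b in flag_beaconing(SAMPLE):
        print("periodic flow:", b)
```

Both checks are intentionally simple; in practice the baseline would be learned from a clean period on the host and the beaconing threshold tuned against legitimate periodic traffic such as update checks.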