White Papers

SpyCon: Emulating User Activities to Detect Evasive Spyware

Category: Security

Tags: spyware, data mining, network, data

Overview The success of any spyware is determined by its ability to evade detection. Although traditional detection methodologies employing signature and anomaly based systems have had reasonable success, new class of spyware programs emerge which blend in with user activities to avoid detection. One of the latest anti-spyware technologies consists of a local agent that generates honeytokens of known parameters (e.g., network access requests) and tricks spyware into assuming it to be legitimate activity. This paper describes the deficiencies of static honeytoken generation and presents an attack that circumvents such detection techniques. The author synthesizes the attack by means of data mining algorithms like associative rule mining.

Download White Paper

By downloading you agree to our Terms and Conditions. These include information regarding use of your personal data.

Publisher
University at Buffalo
File Format
PDF
Date Published
Jul 6, 2007
Format
White Papers
Topics
Spyware, Network Security, Security Management

Similiar White Papers

Social Networking: Brave New World or Revolution from Hell? A look at the phenomenon of Social Networking and the implications for Businesses

Social Networking: Brave New World or Revolution from Hell? A look at the phenomenon of Social Networking and the implications for Businesses

According to recent surveys, employee social networking is growing rapidly, on hot sites such as Facebook, LinkedIn and

Publisher: MessageLabs, now part of Symantec  |  Tags: enterprise security, social networking

Sophos Email Security and Control - Free 30 Day Trial

Sophos Email Security and Control - Free 30 Day Trial

Proactively block inbound and outbound threats with unrivaled effectiveness and simplicity, delivering high-capacity, hi

Publisher: Sophos

X-Force®Threat Insight Quarterly Voice over Internet Protocol (VoIP) ? Find out what the threats and challenges are for anyone deploying VoIP

X-Force®Threat Insight Quarterly Voice over Internet Protocol (VoIP) ? Find out what the threats and challenges are for anyone deploying VoIP

The X-Force Threat Insight Quarterly (Threat IQ) highlights the most significant threats and challenges facing security

Publisher: Internet Security Systems  |  Tags: homeland security, security flaws, voip

Web Security SaaS: The Next Generation of Web Security

Web Security SaaS: The Next Generation of Web Security

The Web is the new threat vector of choice for hackers and cybercriminals to distribute malware and perpetrate identity

Publisher: Webroot Software  |  Tags: hackers, idc, malware, saas

An independent report by ICSA Labs on the performance of ISS' VoIP-enabled Intrusion Prevention devices

An independent report by ICSA Labs on the performance of ISS' VoIP-enabled Intrusion Prevention devices

This technical product evaluation is focused on the ISS VoIP-enabled Intrusion Prevention devices. These are built to su

Publisher: Internet Security Systems  |  Tags: voip

University at Buffalo White Papers

IT Investment Strategy

IT Investment Strategy

The 90's saw a period of unprecedented creativity and investment in IT, launched by the emergence of the Internet as a w

Publisher: University at Buffalo  |  Tags: search engine

Real-Time Multistage Attack Awareness Through Enhanced Intrusion Alert Clustering

Real-Time Multistage Attack Awareness Through Enhanced Intrusion Alert Clustering

Correlation and fusion of intrusion alerts to provide effective Situation Awareness of cyber-attacks has become an activ

Publisher: University at Buffalo  |  Tags: network, real-time

SWAN: A Secure Wireless LAN Architecture

SWAN: A Secure Wireless LAN Architecture

Existing Wireless LAN (WLAN) security schemes are few and product specific. While there exist some schemes for Informati

Publisher: University at Buffalo