Current methods for detection of malicious software
rely on large databases of "signatures" for
variations of every known computer virus. When such a
virus infects a system, the antivirus reacts by
removing the threat. Such reactive methods leave
computer systems defenseless against new, previously
unknown attacks. The constant increase in the number of
new attacks calls for new proactive methods of
detection of modern computer security threats. This
book addresses the complexity issues in the design of
modern proactive malware detection systems. A
distinct biological immunology theme runs throughout
this work. Computer viruses are very similar in their
manifestation to biological parasites. After first
building the basis for understanding how modern
malicious software operates, the book then introduces
a detailed taxonomy of self-replication behavior in
malware with code samples and basic algorithms,
describes the application of self-replication to
script viruses and expands the concept to the
detection of compiled executable malware. The book
concludes with a description of a novel design of an
experimental virtual laboratory for computer and
network security analysis and research.