{"title":"大型IT基础设施中基于网络的恶意软件检测方法","authors":"B. Kumar, C. Katsinis","doi":"10.1109/NCA.2010.33","DOIUrl":null,"url":null,"abstract":"Malware is code that has malicious intent and is designed for malicious purpose such as stealing confidential data, or obtaining root privileges on a system. The current approach to deal with malware threats such as virus and spyware is to use host based anti-malware software. However, this approach leads to many vulnerable machines since many users don't update their software, their virus signatures, and some even disable their software to avoid the system performance degradation caused by these software. Host based security software require a good deal of administration, with consistent needs for reconfiguration, management, and report analysis. With security administrators supporting an ever growing number of users, such an approach has become impractical. In this paper, we present a novel network based malware detection architecture that uses host security vectors to protect host machines without any intervention from hosts. This architecture provides another layer of security and can complement existing host based solutions. Only central detection server needs to be actively managed instead of individual hosts - hence providing more manageable solution for large IT infrastructures.","PeriodicalId":276374,"journal":{"name":"2010 Ninth IEEE International Symposium on Network Computing and Applications","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A Network Based Approach to Malware Detection in Large IT Infrastructures\",\"authors\":\"B. Kumar, C. Katsinis\",\"doi\":\"10.1109/NCA.2010.33\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Malware is code that has malicious intent and is designed for malicious purpose such as stealing confidential data, or obtaining root privileges on a system. The current approach to deal with malware threats such as virus and spyware is to use host based anti-malware software. However, this approach leads to many vulnerable machines since many users don't update their software, their virus signatures, and some even disable their software to avoid the system performance degradation caused by these software. Host based security software require a good deal of administration, with consistent needs for reconfiguration, management, and report analysis. With security administrators supporting an ever growing number of users, such an approach has become impractical. In this paper, we present a novel network based malware detection architecture that uses host security vectors to protect host machines without any intervention from hosts. This architecture provides another layer of security and can complement existing host based solutions. Only central detection server needs to be actively managed instead of individual hosts - hence providing more manageable solution for large IT infrastructures.\",\"PeriodicalId\":276374,\"journal\":{\"name\":\"2010 Ninth IEEE International Symposium on Network Computing and Applications\",\"volume\":\"5 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-07-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 Ninth IEEE International Symposium on Network Computing and Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NCA.2010.33\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 Ninth IEEE International Symposium on Network Computing and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NCA.2010.33","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Network Based Approach to Malware Detection in Large IT Infrastructures
Malware is code that has malicious intent and is designed for malicious purpose such as stealing confidential data, or obtaining root privileges on a system. The current approach to deal with malware threats such as virus and spyware is to use host based anti-malware software. However, this approach leads to many vulnerable machines since many users don't update their software, their virus signatures, and some even disable their software to avoid the system performance degradation caused by these software. Host based security software require a good deal of administration, with consistent needs for reconfiguration, management, and report analysis. With security administrators supporting an ever growing number of users, such an approach has become impractical. In this paper, we present a novel network based malware detection architecture that uses host security vectors to protect host machines without any intervention from hosts. This architecture provides another layer of security and can complement existing host based solutions. Only central detection server needs to be actively managed instead of individual hosts - hence providing more manageable solution for large IT infrastructures.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
