Main

Articles

News

Links

Contacts

search this site

  

Behavior Blocking


Signature-based anti-virus (AV) software is running a losing race. Malicious code writers persistently out-pace the efforts of AV researchers to identify and halt the latest threats. This isnt due to a lack of effort: vendors have cut response time from days to hours. This is an admirable feat, considering they must ensure that the update detects and removes the virus, and that it doesnt interfere with the normal operations of their customers myriad computer systems. The problem is the race itself. Malicious code writers have a head start-they launch malware against live targets before AV researchers can analyze and...

Read more

Host-based IDS

A HIDS will monitor all or part of the dynamic behavior and of the state of a computer system. Much as a NIDS will dynamically inspect network packets, a HIDS might detect which program accesses what resources and assure that (say) a word-processor hasnt suddenly and inexplicably started modifying the system password-database. Similarly a HIDS might look at the state of a system, its stored information, whether in RAM, in the file-system, or elsewhere; and check that the contents of these appear as expected. One can think of a HIDS as an agent that monitors whether anything/anyone - internal or...

Read more

Program shepherding

Program shepherding is a method for monitoring control flow transfers during program execution to enforce security policies. Program shepherding provides three techniques as building blocks for security policies. First, shepherding can restrict execution privileges on the basis of code origins. This distinction can ensure that malicious code masquerading as data is never executed, thwarting a large class of security attacks. Second, shepherding can restrict control transfers based on instruction class, source, and target. For example, shepherding can forbid execution of shared library code except through declared entry points, and can ensure that a return instruction only targets the instruction after...

Read more

Read other articles on our site








intrusion-response.com: Worm containment, Active response systems Intrusion detection and prevention: Intrusion-Prevention.biz
Trend anti virus, Free av software: Online Anti-virus Review


Free website templates
 Behavior Blocking News:

Apr 29: IBM Announces Availability of Powerful New Solutions for Mid-Sized ... - The FINANCIAL

Apr 29: IBM Announces Availability of Powerful New Solutions for Mid-Sized ... - TAXI Design Network

Apr 25: Hannaford to implement military- and industrial-strength IT Security - CIO

Apr 24: IBM, Tata Dig Into Managed Security Services - CIO India

Apr 25: Int?l News: SkyRecon TradeShield secures trading and investment ... - CTR

Apr 23: Hannaford to spend 'millions' on IT security after breach - ARNnet

May 05: Verdasys and Fidelis Security Systems Announce Strategic ... - Earthtimes (press release)

Apr 28: Prism Microsystems to enter EMEA markets via Finally Software - Computer Business Review

Apr 28: IBM Announces Availability of Powerful New Solutions for Mid-Sized ... - CNNMoney.com

Apr 24: Industry Analysts to Present Emerging Application Delivery Trends ... - TMC Net