DocumentCode
1230242
Title
Fools Download Where Angels Fear to Tread
Author
Jaatun, Martin Gilje ; Jensen, Jostein ; Vegg, Håvard ; Halvorsen, Finn Michael ; Nergård, Rune Walsú
Volume
7
Issue
2
fYear
2009
Firstpage
83
Lastpage
86
Abstract
Our study illustrates that the risk of getting infected by malware that antivirus protection doesn´t detect is alarmingly high. New malware that the antivirus engines don´t have signatures for is likely to escape detection by a desktop antivirus solution. Taking precautions while using the Internet can protect users only to a certain extent. If they visit the wrong Web site or download a file infected with 0-day malware, they probably won´t be protected from infection. The malware specimens that our antivirus packages didn´t detect during our two-week exposure period suggest to us that signature-based antivirus software doesn´t provide sufficient protection for users who live on the bleeding edge with respect to where they obtain their software. Coupled with the exponential growth of new malware variants, our findings suggest that antivirus vendors have major problems keeping the signature lag within acceptable limits.
Keywords
digital signatures; invasive software; Internet; Web site; malware; signature-based antivirus software; Computer networks; Crawlers; IP networks; Internet; Privacy; Protocols; Search engines; Security; System testing; Viruses (medical); 0-day; anti-virus; malware; virus;
fLanguage
English
Journal_Title
Security & Privacy, IEEE
Publisher
ieee
ISSN
1540-7993
Type
jour
DOI
10.1109/MSP.2009.36
Filename
4812165
Link To Document