• DocumentCode
    1230242
  • Title

    Fools Download Where Angels Fear to Tread

  • Author

    Jaatun, Martin Gilje ; Jensen, Jostein ; Vegg, Håvard ; Halvorsen, Finn Michael ; Nergård, Rune Walsú

  • Volume
    7
  • Issue
    2
  • fYear
    2009
  • Firstpage
    83
  • Lastpage
    86
  • Abstract
    Our study illustrates that the risk of getting infected by malware that antivirus protection doesn´t detect is alarmingly high. New malware that the antivirus engines don´t have signatures for is likely to escape detection by a desktop antivirus solution. Taking precautions while using the Internet can protect users only to a certain extent. If they visit the wrong Web site or download a file infected with 0-day malware, they probably won´t be protected from infection. The malware specimens that our antivirus packages didn´t detect during our two-week exposure period suggest to us that signature-based antivirus software doesn´t provide sufficient protection for users who live on the bleeding edge with respect to where they obtain their software. Coupled with the exponential growth of new malware variants, our findings suggest that antivirus vendors have major problems keeping the signature lag within acceptable limits.
  • Keywords
    digital signatures; invasive software; Internet; Web site; malware; signature-based antivirus software; Computer networks; Crawlers; IP networks; Internet; Privacy; Protocols; Search engines; Security; System testing; Viruses (medical); 0-day; anti-virus; malware; virus;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    10.1109/MSP.2009.36
  • Filename
    4812165