DocumentCode
2858074
Title
Malware defense using network security authentication
Author
Antrosio, Joseph V. ; Fulp, Errin W.
Author_Institution
Dept. of Comput. Sci., Wake Forest Univ., Winston-Salem, NC, USA
fYear
2005
fDate
23-24 March 2005
Firstpage
43
Lastpage
54
Abstract
Malware defenses have primarily relied upon intrusion fingerprints to detect suspicious network behavior. While effective for discovering computers that are already compromised, these systems are not designed to stop the spread or damage of malware. Standard gateway firewalls can prevent outside-based attacks; however, they are ineffective in a mobile network where threats originate from inside and administrators have limited control over client machines. This paper introduces a new strategy for malware defense using security authentication which focuses on vulnerabilities rather than exploits. The proposed system uses a remote security scanner to check for vulnerabilities and quarantines machines using logical network segmentation. This maximizes the usefulness of the machine in question while preventing attacks. Furthermore given the unique ability to quarantine machines without any specialized host software, the proposed system can defend against internal malware threats in a mobile network. Positive results have been achieved utilizing a proof-of-concept model and standard networking tools.
Keywords
computer viruses; message authentication; mobile computing; telecommunication security; client machines; gateway firewalls; internal malware threats; intrusion fingerprints; logical network segmentation; malware defense; mobile network; network security authentication; outside-based attacks; remote security scanner; suspicious network behavior detection; vulnerability checking; Authentication; Computer science; Computer worms; Fingerprint recognition; Government; Humans; Intrusion detection; Microwave integrated circuits; Software systems; US Department of Energy;
fLanguage
English
Publisher
ieee
Conference_Titel
Information Assurance, 2005. Proceedings. Third IEEE International Workshop on
Print_ISBN
0-7695-2317-X
Type
conf
DOI
10.1109/IWIA.2005.11
Filename
1410701
Link To Document