• DocumentCode
    567172
  • Title

    A practical business security framework to combat malware threat

  • Author

    Eswari, P. R Lakshmi ; Babu, N. Sarat Chandra

  • Author_Institution
    Centre for Dev. of Adv. Comput. (C-DAC), Hyderabad, India
  • fYear
    2012
  • fDate
    10-12 June 2012
  • Firstpage
    77
  • Lastpage
    80
  • Abstract
    Malware threats are continuously growing with sophistication. Though multiple layers of defense are provided at perimeter, network, host, application and data levels, it is still becoming a challenge to address malware related problems. They have grown in number as well as complexity and are responsible for attacks ranging from denial-of-service to compromising online banking accounts. In recent times, blended attacks are popular with high severity of damage and are difficult to address using signature based anti-malware solutions. Signature based anti-malware solutions are not able to completely detect and block malware behavior. Though heuristic based anti-malware solutions are able to increase the detection rate, their false positive rate is high. Application whitelisting is effective but creates rigidity on environment. Through this paper we analyzed positive as well as negative security models and proposed a practical security framework for combating malware threat, considering the nature of Information Technology (IT) systems and their business objective.
  • Keywords
    business data processing; invasive software; IT systems; application whitelisting; business security framework; denial-of-service attack; information technology; malware threats; online banking accounts; signature based anti-malware solutions; Fires; Internet; Malware; Mission critical systems; Software; Anamoly Detection; Application Whitelisting; Heuristic based; Malware; Mission Critical; Negative Security Model; Positive Security Model; Practical Business Security; Signature based; Specification based;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Internet Security (WorldCIS), 2012 World Congress on
  • Conference_Location
    Guelph, ON
  • Print_ISBN
    978-1-4673-1108-3
  • Type

    conf

  • Filename
    6280201