Fighting malicious code: an eternal struggle

Published: 2014, Last Modified: 07 Nov 2023, AsiaCCS 2014, Readers: Everyone
Abstract: Despite many years of research and significant commercial investment, the malware problem is far from being solved (or even reasonably well contained). Every week, the mainstream press publishes articles that describe yet another incident where millions of credit cards were leaked, a large company discloses that adversaries had remote access to its corporate secrets for years, and we discover a new botnet with tens of thousands of compromised machines. Clearly, this situation is not acceptable, but why isn't it getting any better? In this talk, I will discuss some of the reasons why the malware problem is fundamentally hard, and why existing defenses in industry are no longer working. I will then outline progress that researchers and industry have made over the last years, and highlight a few milestones in our struggle to keep malicious code off our computer systems. This part will not focus on advances related to the analysis of malicious code alone, but take a broader perspective. How can we prevent malicious code from getting onto our machines in the first place? How can we detect network communication between malware programs and remote control nodes? And how can we lower the benefits that attackers obtain from their compromised machines? Finally, I will point out a few areas in which I believe that we should make progress to have the most impact in our fight against malicious code.