Towards Extending the Antivirus Capability to Scan Network Traffic
Author
Abstract
Computer networks are a major venue for malware to spread and infect new victims. Many effective countermeasures against attacks are deployed at network boundaries; Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and firewalls are among such security controls. Antivirus (AV) software is widespread among end-users and is deployed as a last line of defense against threats. Although effective at detecting attacks, popular AVs only detect malware when it is written to or read from the hard disk. Unfortunately, as already reported by previous research, data sent (or received) over the network is not scanned by the AV. The exact reason for this odd behavior can only be speculated on. Nevertheless, we believe this problem should be addressed. This paper proposes a novel approach to detecting malware sent (or received) over networks.
Similar resources
A Formal Petri Net Based Model for Antivirus Update Agent System
In this paper, a formal model for an antivirus update agent system is presented, based on mobile agent technology and predicate/transition Petri nets. The mobile agent system contains two mobile agents, called DCA and UNA. It sends out agents to update the antivirus on client computers in a network. Each agent takes on a specified responsibility. First, DCA roams through the network and checks the last d...
A Systematic Method to Analyze Transport Networks: Considering Traffic Shifts
Current network modeling practices usually assess network performance at specified time intervals, i.e. every 5 or 10 years. Furthermore, they are usually based on partially predictable data, which are generated through various stochastic procedures. In this research, a new quantitative methodology which combines combinatorial optimization modeling and transportation...
Markov Chain Formulation of G/m/1 Queueing System for 1-limited Polling Model with Self-similar Traffic Input (Technical Report 632)
Over the past few years, we have witnessed a growing popularity of new wireless architectures such as 3G, Wi-Fi and Wi-Max due to the increase in demand for wireless Internet access. The all-IP based future mobile and wireless network model is expected to be the most dominant architecture for QoS provisioning in next-generation wireless networks, mainly due to its scalability and capability of ...
Adrisya: a Flow Based Anomaly Detection System for Slow and Fast Scan
Attackers perform port scans to find reachability, liveness and running services in a system or network. Current-day scanning tools provide different scanning options and are capable of evading various security tools such as firewalls, IDS and IPS. So, in order to detect and prevent attacks in their early stages, accurate real-time detection of scanning activity is essential. In this paper ...
Publication date: 2015