Determining vulnerability resolution time by examining malware proliferation rates

Jeremy D. Seideman, Bilal Khan, Ghassen Ben Brahim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

One of the ways that malware infects is by exploiting weaknesses in computer systems, often through conditions in software. When this happens, software and operating system vendors must repair these vulnerabilities by patching their software. However, vendors can release patches but cannot force users to apply them. Malware attempts to proliferate without regard to the state of the infected system; it is only once that the malware infection is stopped that we can truly say that systems are patched to eliminate that exploit. By examining appearance and disappearance of malware types, as determined through dynamic analysis of malware samples, classified by behavioral profiles correlated with a timeline of discovery dates, we can determine a more real-world average time for effective patch times, as opposed to the time it takes for a vendor to release a patch for a discovered vulnerability.

Original languageEnglish (US)
Title of host publication2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013
Pages1678-1682
Number of pages5
DOIs
StatePublished - 2013
Externally publishedYes
Event2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013 - Cagliari, Sardinia, Italy
Duration: Jul 1 2013Jul 5 2013

Publication series

Name2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013

Other

Other2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013
Country/TerritoryItaly
CityCagliari, Sardinia
Period7/1/137/5/13

Keywords

  • Malware
  • Malware emergence
  • Malware trends
  • Patch time
  • Vulnerability resolution

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Determining vulnerability resolution time by examining malware proliferation rates'. Together they form a unique fingerprint.

Cite this