Using Malware to Improve Software Quality and Security
نویسندگان
چکیده
Software vendors have very few incentives, and even have disincentives, to producing secure, highquality software. “I4NI systems” are a new type of malicious software whose payload bears ill intent, yet would be voluntarily, knowingly installed by software vendors. Use of these systems would give vendors competitive advantages, as well as empower consumers with a direct way to influence a vendor's software quality. We give a detailed description of I4NI systems, along with extensive technical, ethical, and economic analyses.
منابع مشابه
DyVSoR: dynamic malware detection based on extracting patterns from value sets of registers
To control the exponential growth of malware files, security analysts pursue dynamic approaches that automatically identify and analyze malicious software samples. Obfuscation and polymorphism employed by malwares make it difficult for signature-based systems to detect sophisticated malware files. The dynamic analysis or run-time behavior provides a better technique to identify the threat. In t...
متن کاملMath vs. Malware
How Cylance® Uses Math To Defeat Malware The problem, although few want to admit it, is that enterprise security personnel are defending a castle riddled with holes, filled with secret passageways, and protected by ineffective barriers. These weak points are a consequence of poor quality security software, inferior hardware, and in some cases, backdoors planted by malicious insiders. The end re...
متن کاملAnti-Taint-Analysis: Practical Evasion Techniques Against Information Flow Based Malware Defense
Taint-tracking is emerging as a general technique in software security to complement virtualization and static analysis. It has been applied for accurate detection of a wide range of attacks on benign software, as well as in malware defense. Although it is quite robust for tackling the former problem, application of taint analysis to untrusted (and potentially malicious) software is riddled wit...
متن کاملHigh accuracy android malware detection using ensemble learning
With over 50 billion downloads and more than 1.3 million apps in Google’s official market, Android has continued to gain popularity amongst smartphone users worldwide. At the same time there has been a rise in malware targeting the platform, with more recent strains employing highly sophisticated detection avoidance techniques. As traditional signature based methods become less potent in detect...
متن کاملSupervised Detection of Infected Machines Using Anti-virus Induced Labels - (Extended Abstract)
Traditional antivirus software relies on signatures to uniquely identify malicious files. Malware writers, on the other hand, have responded by developing obfuscation techniques with the goal of evading content-based detection. A consequence of this arms race is that numerous new malware instances are generated every day, thus limiting the effectiveness of static detection approaches. For effec...
متن کامل