Tudor Dumitraş and Petros Efstathopoulos, Symantec Research Labs
Abstract:
The Internet can be a dangerous place: 800,000 new malware variants are detected each day, and this number is growing at an exponential rate—driven by the quest for economic gains. However, over the past ten years operating-system vendors have introduced a number of security technologies that aim to make exploits harder and to reduce the attack surface of the platform. Faced with these two conflicting trends, it is difficult for end-users to determine what techniques make them safer from Internet attacks. In this position paper, we argue that to answer this question conclusively we must analyze field data collected on real hosts that are targeted by attacks—e.g., the approximately 50 million records of anti-virus telemetry available through Symantec’s WINE platform. Such studies can characterize the factors that drive the production of malware, can help us understand the impact of security technologies in the real world and can suggest new security metrics, derived from field observations rather than small lab experiments, indicating how susceptible to attacks a computing platform may be.
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
BibTeX
@inproceedings {181312,
author = {Tudor Dumitras and Petros Efstathopoulos},
title = {Ask {WINE}: Are We Safer Today? Evaluating Operating System Security through Big Data Analysis},
booktitle = {5th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 12)},
year = {2012},
address = {San Jose, CA},
url = {https://www.usenix.org/conference/leet12/workshop-program/presentation/dumitras},
publisher = {USENIX Association},
month = apr
}
Twitter
Facebook
LinkedIn
Google+
YouTube
connect with us