Article

Article title PROACTIVE MALWARE PROTECTION SYSTEMS
Authors A.T. Aliev
Section SECTION II. SECURITY OF INFORMATION SYSTEMS AND NETWORKS
Month, Year 02, 2014
Index UDC 004.056.57
DOI
Abstract Malicious software, or malware, is the most widespread problem in the field of information security. Annual losses from computer viruses are estimated in the hundreds of billions of dollars. In this article, we analyze existing solutions for detecting malicious software and show the promise and relevance of developing and deploying anti-virus tools based on proactive detection methods. These methods protect computers from new, unknown and as yet unregistered viruses even if their signatures and algorithms have not been defined. The shortcomings of existing solutions based on proactive detection methods are highlighted. We propose a new three-tier scheme for a proactive protection system and a new method of analysis based on expert judgment. The three-level architecture reduces the load on the intercept module and allows more complex analysis algorithms to be implemented. The analysis method based on expert judgment makes it possible to implement an automated system capable of blocking the dangerous actions of malicious software without user involvement. All new solutions proposed in the work were verified experimentally in a real environment and have proven highly effective in practice.


Keywords Computer viruses; malware; antivirus; decision making.
