"Big Data" Analytics in Network Security: Computational Automation of Security Professionals
The reality of today’s Internet is that cyber threats are becoming increasingly sophisticated. In the not too distant past, cyber-attacks were executed using rudimentary and standard malicious binaries, often referred to as viruses. Defending against these early malicious binaries was effectively accomplished by signature-based antivirus, Web and email content filtering platforms, which relied on an actual pattern or static image of the binary.
Cybercriminals, many of whom are sophisticated, profit-maximizing members of organized crime, looked to increase the return on their investment in malicious code. As a result, the cybercriminal community discovered that they could continuously modify the way their malicious binaries or executables appeared, such that signatures could no longer be applied effectively. The age of polymorphic malicious binaries was born.
Polymorphism can be very complicated or very basic. Simply put, polymorphism is the modification of the way the executable looks, without executing it. If the code of the binary looks different, the signature for the code will also be different, rendering signature-based defenses, such as those often included in antivirus solutions, ineffective.
About this report
In this SPIE, we discuss the role of signature-based defenses in this new APT reality. We also discuss behavioral-based cyber defenses. Finally, we delve into one form of behavioral cyber defense: advanced security analytics.