Chapter 1

A Primer on Detection for Security

Abstract

The security industry has relied for years on endpoint protection software that aims to detect specific patterns (signatures) in the code or behaviour of malware in order to protect IT systems. However, against today's rapidly moving front of highly tailored malware, it has proven infeasible to build a useful signature-based detector for polymorphic malware: each new variant of the same code carries different bytes, so a signature written for one sample does not match the next.
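To make the abstract's point concrete, the following is an added example (not code from the book or its author) of a fixed byte signature being defeated by a trivial polymorphic packer. The "payload", the signature name `example.beacon`, and the two-byte `PK` header format are all constructed for illustration; nothing here is real malware.

```python
"""
Added example (not from the book): a fixed byte signature versus a
polymorphic re-encoding of the same payload. All payloads, keys and
signature names below are constructed for illustration only.
"""
import os
import re
from typing import List, Tuple

# Constructed "malware" body; the signature engine keys on a distinctive substring.
PAYLOAD = b"SELECT * FROM creds; POST http://c2.example/beacon"

# Constructed signature: fixed bytes the original sample is known to contain.
SIGNATURES = {
    "example.beacon": re.compile(re.escape(b"c2.example/beacon")),
}


def scan(sample: bytes) -> List[str]:
    """Return the names of all signatures whose pattern occurs in the sample."""
    return [name for name, pat in SIGNATURES.items() if pat.search(sample)]


def polymorphic_pack(payload: bytes, key: bytes) -> bytes:
    """Emit a new variant: the payload XOR-encoded with a per-sample key.

    A small constructed header ("PK", key length, key) lets the variant
    unpack itself at run time, as a real decoder stub would.
    """
    if not key or not any(key):
        raise ValueError("key must contain at least one non-zero byte")
    body = bytes(b ^ key[i % len(key)] for i, b in enumerate(payload))
    return b"PK" + bytes([len(key)]) + key + body


def unpack(variant: bytes) -> bytes:
    """What the variant's decoder stub does at run time: recover the payload."""
    if variant[:2] != b"PK":
        raise ValueError("not a packed variant")
    klen = variant[2]
    key = variant[3:3 + klen]
    body = variant[3 + klen:]
    return bytes(b ^ key[i % klen] for i, b in enumerate(body))


def evasion_demo(n_variants: int = 5) -> Tuple[int, int]:
    """Generate n_variants fresh variants with random 8-byte keys.

    Returns (variants that still decode to the original payload,
             variants the static signature caught on disk).
    Because the 17-byte signature spans every position of the 8-byte key
    cycle, any non-zero key changes at least one signature byte, so the
    second number is 0 while the first is n_variants.
    """
    decoded_ok = caught = 0
    for _ in range(n_variants):
        key = os.urandom(8)
        if not any(key):            # astronomically unlikely, but keep the invariant
            key = b"\x01" * 8
        variant = polymorphic_pack(PAYLOAD, key)
        decoded_ok += unpack(variant) == PAYLOAD
        caught += bool(scan(variant))
    return decoded_ok, caught


def caught_after_unpack(variant: bytes) -> List[str]:
    """Scan the payload in its run-time form instead of its on-disk form."""
    return scan(unpack(variant))


if __name__ == "__main__":
    ok, caught = evasion_demo()
    print(f"{ok} variants run correctly, {caught} caught by the static signature")
```

The same signature matches every variant once it has been decoded in memory (`caught_after_unpack`), which is why detection moved from on-disk pattern matching toward emulation and run-time behaviour, and why a static signature database alone cannot keep up with a packer that re-keys on every sample.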

Keywords

malware
polymorphic malware
endpoint protection
endpoint protection industry (EPP)
ROC curve

The security industry has relied for years on endpoint protection software that aims to detect specific behavioral patterns – signatures – of malware in order to protect a system under attack. Most signatures today attempt to capture ...
