VB2015 paper: Economic Sanctions on Malware

Posted by   Helen Martin on   Jun 1, 2016

Financial pressure can be a proactive and potentially very effective tool in making our computer ecosystems safer: making attackers spend real money before they can deploy malware is an effective deterrent. 

In his VB2015 paper, Igor Muttik analyses and gives examples of technologies (certificates, credentials, etc.) that can be used to de-incentivize bad behaviours in several ecosystems.

economic-scantions-table1.jpg

The spectrum of technologies in the arsenal of AV products from the perspective of how they affect the costs for attackers

In his paper, Igor show how, by cleverly employing various trust metrics and technologies such as digital signing, watermarking, and public-key infrastructure in strategically selected places, we can encourage good behaviours and punish bad ones.

Read the paper here in HTML format or here as a PDF, and find the video on our YouTube channel, or embedded below.

Together with Jorge Blasco (London City University) and Markus Roggenbach (Swansea University), Igor is also on the VB2016 programme, where he and his co-authors will present a paper on wild Android collusions. If you register for VB2016 before the end of this month, you will receive a 10% discount.

Jorge Blasco

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

New paper: Powering the distribution of Tesla stealer with PowerShell and VBA macros

Since their return four years ago, Office macros have been one of the most common ways to spread malware. Today, we publish a research paper which looks in detail at a campaign in which VBA macros are used to execute PowerShell code, which in turn…

VB2017 paper: Android reverse engineering tools: not the usual suspects

Within a few years, Android malware has grown from a relatively small threat to a huge problem involving more than three million new malware samples a year. Axelle Apvrille, one of the world's leading Android malware researchers, will deliver a…

Patch early, patch often, but don't blindly trust every 'patch'

Compromised websites are being used to serve fake Flash Player uploads that come with a malicious payload.

Virus Bulletin at RSA

Next week, VB Editor Martijn Grooten will be at the RSA Conference in San Francisco.

Broad-ranging and international VB2018 programme announced

VB is excited to reveal the details of an interesting and diverse programme for VB2018, the 28th Virus Bulletin International Conference, which takes place 3-5 October in Montreal, Canada.