Determining vulnerability resolution time by examining malware proliferation rates

One of the ways that malware infects is by exploiting weaknesses in computer systems, often through conditions in software. When this happens, software and operating system vendors must repair these vulnerabilities by patching their software. However, vendors can release patches but cannot force use...

Full description

Saved in:
Bibliographic Details
Published in2013 9th International Wireless Communications and Mobile Computing Conference (IWCMC) pp. 1678 - 1682
Main Authors Seideman, Jeremy D., Khan, Bilal, Ben Brahim, Ghassen
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.07.2013
Subjects
Computers
Educational institutions
Electronic mail
Malware
Malware Emergence
Malware Trends
Operating systems
Patch Time
Vulnerability Resolution
Online AccessGet full text

Cover

More Information
Summary:One of the ways that malware infects is by exploiting weaknesses in computer systems, often through conditions in software. When this happens, software and operating system vendors must repair these vulnerabilities by patching their software. However, vendors can release patches but cannot force users to apply them. Malware attempts to proliferate without regard to the state of the infected system; it is only once that the malware infection is stopped that we can truly say that systems are patched to eliminate that exploit. By examining appearance and disappearance of malware types, as determined through dynamic analysis of malware samples, classified by behavioral profiles correlated with a timeline of discovery dates, we can determine a more real-world average time for effective patch times, as opposed to the time it takes for a vendor to release a patch for a discovered vulnerability.
ISBN:1467324795
9781467324793
ISSN:2376-6492
DOI:10.1109/IWCMC.2013.6583808