Determining vulnerability resolution time by examining malware proliferation rates

Jeremy D. Seideman, Bilal Khan, Ghassen Ben Brahim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

One of the ways that malware infects is by exploiting weaknesses in computer systems, often through conditions in software. When this happens, software and operating system vendors must repair these vulnerabilities by patching their software. However, vendors can release patches but cannot force users to apply them. Malware attempts to proliferate without regard to the state of the infected system; it is only once that the malware infection is stopped that we can truly say that systems are patched to eliminate that exploit. By examining appearance and disappearance of malware types, as determined through dynamic analysis of malware samples, classified by behavioral profiles correlated with a timeline of discovery dates, we can determine a more real-world average time for effective patch times, as opposed to the time it takes for a vendor to release a patch for a discovered vulnerability.

Original languageEnglish (US)
Title of host publication2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013
Pages1678-1682
Number of pages5
DOIs
StatePublished - Sep 16 2013
Event2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013 - Cagliari, Sardinia, Italy
Duration: Jul 1 2013Jul 5 2013

Publication series

Name2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013

Other

Other2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013
CountryItaly
CityCagliari, Sardinia
Period7/1/137/5/13

Fingerprint

Computer operating systems
Dynamic analysis
Repair
Computer systems
Malware

Keywords

  • Malware
  • Malware emergence
  • Malware trends
  • Patch time
  • Vulnerability resolution

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

Seideman, J. D., Khan, B., & Ben Brahim, G. (2013). Determining vulnerability resolution time by examining malware proliferation rates. In 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013 (pp. 1678-1682). [6583808] (2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013). https://doi.org/10.1109/IWCMC.2013.6583808

Determining vulnerability resolution time by examining malware proliferation rates. / Seideman, Jeremy D.; Khan, Bilal; Ben Brahim, Ghassen.

2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013. 2013. p. 1678-1682 6583808 (2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Seideman, JD, Khan, B & Ben Brahim, G 2013, Determining vulnerability resolution time by examining malware proliferation rates. in 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013., 6583808, 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013, pp. 1678-1682, 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013, Cagliari, Sardinia, Italy, 7/1/13. https://doi.org/10.1109/IWCMC.2013.6583808
Seideman JD, Khan B, Ben Brahim G. Determining vulnerability resolution time by examining malware proliferation rates. In 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013. 2013. p. 1678-1682. 6583808. (2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013). https://doi.org/10.1109/IWCMC.2013.6583808
Seideman, Jeremy D. ; Khan, Bilal ; Ben Brahim, Ghassen. / Determining vulnerability resolution time by examining malware proliferation rates. 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013. 2013. pp. 1678-1682 (2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013).
@inproceedings{5df860e7d3bf41aebb82b1441e8e1870,
title = "Determining vulnerability resolution time by examining malware proliferation rates",
abstract = "One of the ways that malware infects is by exploiting weaknesses in computer systems, often through conditions in software. When this happens, software and operating system vendors must repair these vulnerabilities by patching their software. However, vendors can release patches but cannot force users to apply them. Malware attempts to proliferate without regard to the state of the infected system; it is only once that the malware infection is stopped that we can truly say that systems are patched to eliminate that exploit. By examining appearance and disappearance of malware types, as determined through dynamic analysis of malware samples, classified by behavioral profiles correlated with a timeline of discovery dates, we can determine a more real-world average time for effective patch times, as opposed to the time it takes for a vendor to release a patch for a discovered vulnerability.",
keywords = "Malware, Malware emergence, Malware trends, Patch time, Vulnerability resolution",
author = "Seideman, {Jeremy D.} and Bilal Khan and {Ben Brahim}, Ghassen",
year = "2013",
month = "9",
day = "16",
doi = "10.1109/IWCMC.2013.6583808",
language = "English (US)",
isbn = "9781467324793",
series = "2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013",
pages = "1678--1682",
booktitle = "2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013",

}

TY - GEN

T1 - Determining vulnerability resolution time by examining malware proliferation rates

AU - Seideman, Jeremy D.

AU - Khan, Bilal

AU - Ben Brahim, Ghassen

PY - 2013/9/16

Y1 - 2013/9/16

N2 - One of the ways that malware infects is by exploiting weaknesses in computer systems, often through conditions in software. When this happens, software and operating system vendors must repair these vulnerabilities by patching their software. However, vendors can release patches but cannot force users to apply them. Malware attempts to proliferate without regard to the state of the infected system; it is only once that the malware infection is stopped that we can truly say that systems are patched to eliminate that exploit. By examining appearance and disappearance of malware types, as determined through dynamic analysis of malware samples, classified by behavioral profiles correlated with a timeline of discovery dates, we can determine a more real-world average time for effective patch times, as opposed to the time it takes for a vendor to release a patch for a discovered vulnerability.

AB - One of the ways that malware infects is by exploiting weaknesses in computer systems, often through conditions in software. When this happens, software and operating system vendors must repair these vulnerabilities by patching their software. However, vendors can release patches but cannot force users to apply them. Malware attempts to proliferate without regard to the state of the infected system; it is only once that the malware infection is stopped that we can truly say that systems are patched to eliminate that exploit. By examining appearance and disappearance of malware types, as determined through dynamic analysis of malware samples, classified by behavioral profiles correlated with a timeline of discovery dates, we can determine a more real-world average time for effective patch times, as opposed to the time it takes for a vendor to release a patch for a discovered vulnerability.

KW - Malware

KW - Malware emergence

KW - Malware trends

KW - Patch time

KW - Vulnerability resolution

UR - http://www.scopus.com/inward/record.url?scp=84883672764&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84883672764&partnerID=8YFLogxK

U2 - 10.1109/IWCMC.2013.6583808

DO - 10.1109/IWCMC.2013.6583808

M3 - Conference contribution

AN - SCOPUS:84883672764

SN - 9781467324793

T3 - 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013

SP - 1678

EP - 1682

BT - 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC 2013

ER -