A Pragmatic and Verifiable Security Approach Based on Attacker Behavior presented at The Security Confab 2012

by Dan Guido

Tags: Security

Summary: "In this talk, we'll introduce an intelligence-driven approach to malware defense, focusing on attacker's capabilities and methods, with data collected from the most popular crimeware packs currently deployed in the wild. This analysis identifies the means by which exploits are developed and selected for use in malware campaigns, identifies defenses that are outside the capability of malware exploit writers to bypass, and helps attendees evaluate not just the exploitability, but the probability of a vulnerability being exploited. This study shows that, until exploits in the wild substantially advance in sophistication, only a few simple defensive tactics are required to protect users from such opportunistic threats. When evaluated by my methods and data, the value of existing security products and processes and the wisdom of existing security best practices are directly called into question. Instead, we'll offer a new way forward based on verifiable observations and defenses supported by intelligence."