Determining vulnerability resolution time by examining malware proliferation rates

Author

Seideman, Jeremy D. ; Khan, Bilal ; Ben Brahim, Ghassen

Author_Institution

Grad. Sch. & Univ. Center, City Univ. of New York, New York, NY, USA

fYear

2013

fDate

1-5 July 2013

Firstpage

1678

Lastpage

1682

Abstract

One of the ways that malware infects is by exploiting weaknesses in computer systems, often through conditions in software. When this happens, software and operating system vendors must repair these vulnerabilities by patching their software. However, vendors can release patches but cannot force users to apply them. Malware attempts to proliferate without regard to the state of the infected system; it is only once that the malware infection is stopped that we can truly say that systems are patched to eliminate that exploit. By examining appearance and disappearance of malware types, as determined through dynamic analysis of malware samples, classified by behavioral profiles correlated with a timeline of discovery dates, we can determine a more real-world average time for effective patch times, as opposed to the time it takes for a vendor to release a patch for a discovered vulnerability.

Keywords

invasive software; operating systems (computers); computer system weaknesses; dynamic analysis; effective patch time; malware appearance; malware disappearance; malware proliferation rate; vulnerability resolution time; Computers; Educational institutions; Electronic mail; Malware; Operating systems; Malware; Malware Emergence; Malware Trends; Patch Time; Vulnerability Resolution;

fLanguage

English

Publisher

ieee

Conference_Titel

Wireless Communications and Mobile Computing Conference (IWCMC), 2013 9th International

Conference_Location

Sardinia

Print_ISBN

978-1-4673-2479-3

Type

conf

DOI

10.1109/IWCMC.2013.6583808

Filename

6583808