CHAPTER 16
MALICIOUS CODE
Robert Guess and Eric Salveggio
16.2 MALICIOUS CODE THREAT MODEL
16.2.2 Actors: Origin of Malicious Code Threats
16.2.3 Actors: Structured Threats
16.2.4 Actors: Unstructured Threats
16.2.5 Access versus Action: Vector versus Payload
16.4 DETECTION OF MALICIOUS CODE
16.4.1 Signature-Based Malicious Code Detection
16.4.2 Network-Based Malicious Code Detection
16.4.3 Behavioral Malicious Code Detection
16.4.4 Heuristic Malicious Code Detection
16.5 PREVENTION OF MALICIOUS CODE ATTACKS
16.5.2 Operational Controls for Malicious Code
16.5.3 Human Controls for Malicious Code
16.5.4 Technical Controls for Malicious Code 1
16.1 INTRODUCTION.
Malicious logic (or code) is “hardware, software, or firmware that is intentionally included in a system for an unauthorized purpose.”1 In this chapter, we enumerate the common types of malicious code, sources of malicious code, methods of malicious code replication, and methods of malicious code detection.
Common types of malicious code include viruses, worms, Trojan horses, spyware, rootkits, and bots. Emerging malicious code threats include kleptographic code, cryptoviruses, and hardware-based rootkits. Present-day malicious code threats do not always fit into ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access