Chapter 1

A Primer on Detection for Security

Abstract

The security industry has relied for years on endpoint protection software that aims to detect specific behavioral patterns – signatures – of malware in order to protect IT systems. However, in today’s rapidly evolving landscape of highly tailored malware, it has proven impossible to build a useful signature-based detector for polymorphic malware.

Keywords

malware
polymorphic malware
endpoint protection
endpoint protection industry (EPP)
ROC curve
The security industry has relied for years on endpoint protection software that aims to detect specific behavioral patterns – signatures – of malware in order to protect a system under attack. Most signatures today attempt to capture ...
