Practical Experiences with Purenet, a Self-Learning Malware Prevention System - Open Research Problems in Network Security
Conference Papers Year : 2011

Practical Experiences with Purenet, a Self-Learning Malware Prevention System

Alapan Arnab
Tobias Martin
Andrew Hutchison

Abstract

This paper introduces Purenet, a self-learning malware detection system aimed at avoiding zero-day attacks and other delays in patching application systems when attacks are identified. The concept and architecture of Purenet are described, specifically positioning anomaly detection as the system enabler. Deployment of the system in an operational environment is discussed, and associated recommendations and findings are presented based on this deployment. Findings from the prototype include various considerations that should influence the design of such security software, including latency considerations, multi-protocol support, cloud anti-malware integration, resource requirement issues, reporting, base platform hardening and SIEM integration.
Origin Files produced by the author(s)

Dates and versions

hal-01581334, version 1 (04-09-2017)

Cite

Alapan Arnab, Tobias Martin, Andrew Hutchison. Practical Experiences with Purenet, a Self-Learning Malware Prevention System. 1st Open Research Problems in Network Security (iNetSec), Mar 2010, Sofia, Bulgaria. pp.56-69, ⟨10.1007/978-3-642-19228-9_6⟩. ⟨hal-01581334⟩