How Good Are Malware Detectors at Remediating Infected Systems?
- Source: Detection of Intrusions & Malware & Vulnerability Assessment (9783642029172); 2009, p21-37, 17p
- Publication Year: 2009
Abstract
- Malware detectors are applications that attempt to identify and block malicious programs. Unfortunately, malware detectors might not always be able to preemptively block a malicious program from infecting the system (e.g., when the signatures database is not promptly updated). In these situations, the only way to eradicate the infection without having to reinstall the entire system is to rely on the remediation capabilities of the detectors. Therefore, it is essential to evaluate the efficacy and accuracy of anti-malware software in such situations. This paper presents a testing methodology to assess the quality (completeness) of the remediation procedures used by malware detectors to revert the effect of an infection from a compromised system. To evaluate the efficacy of our testing methodology, we developed a prototype and used it to test six of the top-rated commercial malware detectors currently available on the market. The results of our evaluation witness that in many situations the tested malware detectors fail to completely remove the effects of an infection. [ABSTRACT FROM AUTHOR]
Details
- Language: English
- ISBNs: 9783642029172
- Database: Complementary Index
- Journal: Detection of Intrusions & Malware & Vulnerability Assessment (9783642029172)
- Publication Type: Book
- Accession number: 76737364
- Full Text: https://doi.org/10.1007/978-3-642-02918-9_2