Authors:Jon Oberheide, Kaushik Veeraraghavan, Evan Cooke, Jason Flinn, Farnam Jahanian Electrical Engineering and Electrical Engineering and Computer Science.

Slides:

Advertisements

Similar presentations

Network Systems Sales LLC

Advertisements

HONEYPOTS Mathew Benwell, Sunee Holland, Grant Pannell.

A distributed method for mining association rules

Microsoft Security Solutions A Great New Way of Making $$$ !!! Jimmy Tan Platform Strategy Manager Microsoft Singapore.

1 Chapter 7 Intrusion Detection. 2 Objectives In this chapter, you will: Understand intrusion detection benefits and problems Learn about network intrusion.

Honeypots Presented by Javier Garcia April 21, 2010.

Johnson Logistics Solutions Office of Systems and Information Technology.

Intrusion Detection Systems By: William Pinkerton and Sean Burnside.

Presented by Justin Bode CS 450 – Computer Security February 17, 2010.

Vivaldi Coordinate Service Justin Ma, Patrick Verkaik, Michael Vrable Department of Computer Science And Engineering UCSD CSE222A, Winter 2005.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 10 04/18/2011 Security and Privacy in Cloud Computing.

Legion Worldwide virtual computer. About Legion Made in University of Virginia Object-based metasystems software project middleware that connects computer.

SIMPLEStone – A presence server performance benchmarking standard SIMPLEStone – A presence server performance benchmarking standard Presented by Vishal.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Network Intrusion Detection Systems Slides by: MM Clements A Adekunle The University of Greenwich.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.

Understanding and Managing WebSphere V5

Barracuda Networks Steve Scheidegger Commercial Account Manager

Forefront Security Exchange. Problem Meddelande system och sammarbetsprodukter är underbarar mål för elak kod och “distrubition” av äkta dynga… Viruses.

IT-security in the Ubiquitous Computing World Chris Kuo, CISSP, CISA Acer eDC (e-Enabling Data Center) Acer Inc. 2007/3/27.

Component 4: Introduction to Information and Computer Science Unit 10: Future of Computing Lecture 2 This material was developed by Oregon Health & Science.

1 Monday, June 27, 2011Copyright© 2011 Dragnet Dragnet ® Cloud Service Introduction Matthew McLeod, Managing Director

INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION INTRUSION DETECTION.

Computing on the Cloud Jason Detchevery March 4 th 2009.

WHAT IS VIRUS? NAE GRAND CHALLENGE SECURE CYBERSPACE.

Honeypot and Intrusion Detection System

Component 4: Introduction to Information and Computer Science Unit 10b: Future of Computing.

Lanxin Ma Institute of High Energy physics (IHEP) Chinese Academy of Sciences September 30, 2004 CHEP 2004, Interlaken The Security Protection System at.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Malware Analysis Jaimin Shah & Krunal Patel Vishal Patel & Shreyas Patel Georgia Institute of Technology School of Electrical and Computer Engineering.

Automated Classification and Analysis of Internet Malware M. Bailey J. Oberheide J. Andersen Z. M. Mao F. Jahanian J. Nazario RAID 2007 Presented by Mike.

Sophos Live Protection. Agenda 1.Before and After Scenarios 2.Minimum Required Capabilities 3.How we do it 4.How we do it better.

Identification of Bot Commands By Run-time Execution Monitoring Younghee Park, Douglas S. Reeves North Carolina State University ACSAC

1 MAIN TABLE OF CONTENTS Definition: SOFTWARE AGENT HOW MANY TYPES OF AGENT? DEFINITION OF MOBILE AGENT: SOFTWARE AGENTS PROPERTIES, WORKING OF MOBILE.

Computer viruses The effects of a virus are…  Slow loadings  Crashing  Not having control over the computer  Deleting documents.

Comparison of Distributed Operating Systems. Systems Discussed ◦Plan 9 ◦AgentOS ◦Clouds ◦E1 ◦MOSIX.

Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.

Steve Smalley 5/21/12 Hour 4.  Design and develop software  Use computer science and mathematics to test and evaluate software applications  Design.

James R. Cash SCADA System. Main Functions Acquire remote data Permit centralized control of pipeline Keep historical record of operation Provide automated.

Security Version 6.1 | August Need for Complete Security Stop threats at the perimeter High volume spam, phishing, viruses and.

Implementing Microsoft Exchange Online with Microsoft Office 365

© 2014 IBM Corporation Does your Cloud have a Silver Lining ? The adoption of Cloud in Grid Operations of Electric Distribution Utilities Kieran McLoughlin.

11 Shades of Grey: On the effectiveness of reputation- based “blacklists” Reporter: 林佳宜 /8/16.

Advanced Anti-Virus Techniques

Virtual Desktop Infrastructure

NETWORK SECURITY Definitions and Preventions Toby Wilson.

A Blackboard-Based Learning Intrusion Detection System: A New Approach

TECHDOTCOMP SUPPORT TECHDOTCOMP nd Ave, Seattle, WA 98122, USA Phone:

Mobile Device Security Threats Christina Blakley Host Computer Security.

Integrated Simulation and Emulation Platform for Cyber-Physical System Security Experimentation Wei Yan, Yuan Xue, Xiaowei Li, Jiannian Weng, Timothy Busch,

Unit 2 Personal Cyber Security and Social Engineering Part 2.

Some Great Open Source Intrusion Detection Systems (IDSs)

CloudAV: N-Version Antivirus in the Network Cloud Jon Oberheide, Evan Cooke, Farnam Jahanian Electrical Engineering and Computer Science Department, University.

BUILD SECURE PRODUCTS AND SERVICES

CloudAV N-Version Antivirus in the Network Cloud

Platform as a Service (PaaS)

Barracuda Web Security Flex

Protecting your mobile devices away from virus by a cloud-based approach Wei Wu.

Evaluating a Real-time Anomaly-based IDS

Dieudo Mulamba November 2017

Anne Pratoomtong ECE734, Spring2002

Mobile Agents M. L. Liu.

Secure once, run anywhere Simplify your security with Sophos

THE INTERNET MOTION SENSOR: A Distributed Blackhole Monitoring System

Internet Engineering Course

Detection Detect the breach and protect the data. By,

Done by:Thikra abdullah

Presentation transcript:

Authors:Jon Oberheide, Kaushik Veeraraghavan, Evan Cooke, Jason Flinn, Farnam Jahanian Electrical Engineering and Electrical Engineering and Computer Science University of Michigan Ann Arbor Source: Proc. of MobiVirt, Breckenridge, CO, June 2008 Presenter: Hsin-Ruey, Tsai

 Introduction  Approach  Evaluation  Improvement

 Security vendors have marketed mobile- specific versions of antivirus software.  When complexity of mobile platforms and threats increase, the functionality can have significant power and resource overhead. BandwidthPower

 Better detection of malicious software  Reduced on-device recourse consumption  Reduced on-device software complexity

 Introduction  Approach  Evaluation  Improvement

Trapped Cache Compare If no Network service Analyze ID (After a file be analyzed) Local cache Network cache Other uses

 Network service: Movie detection capabilities to a network service allows the use of multiple antivirus engines in parallel by hosting them in virtualized containers.

 Mobile Agent: The file identifier algorithms and communications protocol with the network service Hook the execve syscall and file system operations to acquire and process candidate files before permitting their access.  Mobile-Specific Behavioral Engine: Emulate or run real operating systems and applications at runtime.

 SMS Spam Filtering It can be much more accurate in a network-centric deployment model through the aggregation of data from a large corpus of users.  Phishing Detection  Centralized Blacklists

 Introduction  Approach  Evaluation  Improvement

 For each experiment, we provide results for three cache states for our mobile agent (MA): CL+CR: cold local, cold remote; CL+WR: cold local, warm remote; and WL+WR: warm local, warm remote.  Computational Resources

 Power Consumption

 Disconnected operation  Privacy