Sciweavers

Share
SEC
2008

Collaborative architecture for malware detection and analysis

10 years 4 months ago
Collaborative architecture for malware detection and analysis
The constant increase of malware threats clearly shows that the present countermeasures are not sufficient especially because most actions are put in place only when infections have already spread. In this paper, we present an innovative collaborative architecture for malware analysis that aims to early detection and timely deployment of countermeasures. The proposed system is a multi-tier architecture where the sensor nodes are geographically distributed over multiple organizations. These nodes send alerts to intermediate managers that, in their turn, communicate with one logical collector and analyzer. Relevant information, that is determined by the automatic analysis of the malware behavior in a sandbox, and countermeasures are sent to all the cooperating networks. There are many other novel features in the proposal. The architecture is extremely scalable and flexible because multiple levels of intermediate managers can be utilized depending on the complexity of the network of the p...
Michele Colajanni, Daniele Gozzi, Mirco Marchetti
Added 30 Oct 2010
Updated 30 Oct 2010
Type Conference
Year 2008
Where SEC
Authors Michele Colajanni, Daniele Gozzi, Mirco Marchetti
Comments (0)
books