Call for papers
SecurityFocus (www.securityfocus.com) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: firstname.lastname@example.org
Effects of Worms on Internet Routing Stability
This article discusses the impact of worms on Internet endpoints and infrastructure, as well as their impact on global routing instability throughout the Internet.
Malware Myths and Misinformation Part 2
This article is the second of a three-part series looking at some of the myths and misconceptions that undermine anti-virus protection.
Malware Myths and Misinformation, Part 1
This article is the first of a three-part series looking at some of the myths and misconceptions that undermine anti-virus protection. The fallacies we address here tend to begin with the words "I'm safe from viruses because..."
Anti-Virus Defence In Depth
This article will discuss defence in depth as it applies to anti-virus protection. While there are many papers written on this topic, most miss out on two crucial components: layered best-of-breed AV protection and centralized reporting and control.
An Analysis of Simile
Virus writers have always tried new methods to evade detection, from encryption to polymorphism to EPO (entry point obscuring). Finally, virus writers used cross-platform infection to increase the number of available infection vectors. Thus, it was no surprise when a virus that combined these methods was discovered: Simile.
Are You Infected? Detecting Malware Infection
Once executed, malware can perform its intended malicious function on a system. Unfortunately, it may not always be apparent to users that their system is indeed infected. This article will discuss how to determine whether or not the system has been infected and will offer some tips on how to manually disinfect the system.
Smallpot: Tracking the Slapper and Scalper Unix Worms
As Unix worms become more common, it would be very interesting to compare the spreading of Linux and FreeBSD malware with their Win32 counterparts as a means of evaluating the relative security of these platforms. This article will look at the Smallpot Project, a generic honeypot designed to track almost any malware on the Internet, using the Slapper and Scalper worms as a case study.
OpenAV: Developing Open Source AntiVirus Engines
The OpenAntiVirus Project was founded to bring together antivirus programmers to develop open source antivirus protection. This article will take a look at the OpenAntiVirus AV engine, assess its progress so far, and offer some suggestions of how the developers can continue to develop it.
.NET/MSIL Malicious Code and AV/Heuristic Engines
While the Windows .NET strategy incorporates numerous aspects, this article will focus on what aspects to cover in developing an AV/heuristic engine for this new platform. Specifically, it will address the additions introduced by .NET technologies to the standard Windows PE (portable executable) file format and how they will affect the development of an effective heuristic engine. It will also briefly discuss the existing malicious code for the .NET environment.
Polymorphic Macro Viruses, Part Two
This article is the second of a two-part series that will offer a brief overview of polymorphic strategies in macro viruses. This installment will look at the first serious polymorphic macro viruses, as well as the evolution of viruses into true polymorphic and, ultimately, metamorphic viruses.