VIRUS DETECTION BASED ON VIRUS THROTTLE TECHNOLOGY
Ahmed Muzammil Jamal Mohamed
ahmedmuzammil@outlook.com
Virus

• Infects or Corrupts Files
• Hidden in Code
• Can be Metamorphic
• Can't Survive by Itself
• Propagates by sharing files
• Propagates by infecting open network shares
Trojan

• Appears as a useful file
    - "waterfalls.scr"
• Undesired Functionality
• Executes malicious code along with the useful code
• Cannot be identified by a naïve user
Worm

• A malicious program
• Self Replicating
• Doesn't need a host program
• Harms the network
    - Consumes Local Resources
    - Consumes Bandwidth
Limitations of Existing Virus Detection Methods

• They detect viruses based on signature recognition
• Based on physical characteristics of the virus
• Effectiveness decreases as the number of viruses grows
• Takes time to release the signature of a new virus
• Need for a new solution: Machine Speed vs. Human Speed
Virus Throttle – What is it?

• Car Throttle – Reduce Speed
• Virus Throttle is based on the behavior of malicious code
• Malicious code makes many connections to new computers
• SQL Slammer: >800 Connections per Second
• Rate Limit on Connections to New Computers
Virus Throttle – How It Works?
Example Worm – W32/Nimda-D

• Tests carried out at HP Labs using the W32/Nimda-D worm and several other test worms
• W32/Nimda-D
    - It is a mass-mailing worm
    - It infects both local files and network shares
    - Creates 120+ connections per second
• Test Worms had different connection frequencies
Detection of W32/Nimda-D Worm using the traditional approach

• The virus spreads rapidly
• Need for signature update
• Without signature update
    - Temporary Solution
        - Suspend the network
            - Financial / Productivity Loss
• After signature update
    - Each computer has to be disinfected
    - Takes days to complete
Detection of W32/Nimda-D Worm using the Virus Throttle

• Throttle detects the process
• Throttle cuts the extra connections
• Thus few or no PCs are affected.
Advantages of Virus Throttle

• Works without knowing anything about the virus
• Protection only slows down the network traffic
    ◦ Thus false negatives don't have much effect
• Gives IT staff time to react
• Effects of deploying the Virus Throttle widely
    ◦ Difficult for viruses to spread at all
Results

Worm          Connections per second   Stopping time   Allowed connections
Nimda                            120           0.25s                     1
Test Worm                         20           5.44s                     5
                                  40           2.34s                     2
                                  60           1.37s                     1
                                  80           1.04s                     1
                                 100           0.91s                     1
                                 150           0.21s                     0
                                 200           0.02s                     0
SQL Slammer                      850           0.02s                     0
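The throttle sketched on the "What is it?" slide and the stopping-time / allowed-connections figures above, as an added simulation that is not part of the original presentation or of the HP Labs code: connections to recently contacted hosts pass, connections to new hosts wait in a delay queue drained at one per second, and a queue-length threshold flags and blocks the process. The working-set / delay-queue / threshold design, all parameter values, and the worm and user traffic streams are my assumptions and constructed inputs.

```python
from collections import deque
from typing import Optional, Tuple


class VirusThrottle:
    """Rate limiter on connections to *new* hosts, attached to one process.
    Assumed design (an illustration, not the HP Labs implementation):
      * a small working set of recently contacted hosts; connections to
        those pass at once, since normal traffic is mostly repeats,
      * connections to hosts outside the working set wait in a delay queue
        that drains at `release_rate` new hosts per second,
      * once the queue grows past `queue_threshold`, the process is flagged
        and every further connection is cut ("stopping" the worm).
    """

    def __init__(self, working_set_size: int = 5, release_rate: float = 1.0,
                 queue_threshold: int = 100) -> None:
        self.working_set: deque = deque(maxlen=working_set_size)  # LRU of recent hosts
        self.release_rate = release_rate
        self.queue_threshold = queue_threshold
        self.delay_queue: deque = deque()
        self.next_release = 0.0  # earliest simulated time the next new host may go out
        self.blocked_at: Optional[float] = None  # stopping time, once detected
        self.allowed = 0  # connections to new hosts that actually went out

    def _admit(self, host: str, when: float) -> None:
        self.working_set.append(host)  # maxlen deque evicts the least recent host
        self.allowed += 1
        self.next_release = when + 1.0 / self.release_rate

    def _release_due(self, now: float) -> None:
        # Drain the queue at the configured rate, one host per release slot.
        while self.delay_queue and self.next_release <= now:
            self._admit(self.delay_queue.popleft(), self.next_release)

    def request(self, host: str, now: float) -> str:
        """Decide on one outbound connection: 'allowed', 'queued' or 'blocked'."""
        self._release_due(now)
        if self.blocked_at is not None:
            return "blocked"
        if host in self.working_set:
            self.working_set.remove(host)
            self.working_set.append(host)  # refresh its LRU position
            return "allowed"
        if host in self.delay_queue:  # already waiting; do not count it twice
            return "queued"
        if not self.delay_queue and now >= self.next_release:
            self._admit(host, now)
            return "allowed"
        self.delay_queue.append(host)
        if len(self.delay_queue) > self.queue_threshold:
            self.blocked_at = now  # detection: too many distinct new hosts pending
            self.delay_queue.clear()
            return "blocked"
        return "queued"


def simulate_worm(conn_rate: float, duration: float = 10.0,
                  **throttle_kwargs) -> Tuple[Optional[float], int]:
    """Constructed worm: `conn_rate` connections/s, each to a never-seen host.
    Returns (stopping time in s or None, new-host connections that got out)."""
    throttle = VirusThrottle(**throttle_kwargs)
    for i in range(int(conn_rate * duration)):
        if throttle.request(f"victim-{i}", i / conn_rate) == "blocked":
            break
    return throttle.blocked_at, throttle.allowed


def simulate_user(duration: float = 60.0) -> Tuple[Optional[float], int]:
    """Constructed normal traffic: four regular servers hit ten times a second
    plus one brand-new host every two seconds. Should never be blocked."""
    throttle = VirusThrottle()
    regulars = ["mail", "intranet", "fileshare", "printer"]
    for i in range(int(duration * 10)):  # one request every 0.1 s
        host = f"newsite-{i}" if i % 20 == 19 else regulars[i % 4]
        throttle.request(host, i * 0.1)
    return throttle.blocked_at, throttle.allowed


if __name__ == "__main__":
    print("rate/s  stopped_at  allowed")
    for rate in (20, 40, 60, 80, 100, 120, 150, 200, 850):
        stopped, allowed = simulate_worm(rate)
        shown = "never" if stopped is None else f"{stopped:.2f}s"
        print(f"{rate:>6}  {shown:>10}  {allowed:>7}")
    print("normal user (stopped_at, allowed):", simulate_user())
```

The stopping times this prints are set by the chosen threshold and release rate, so they do not reproduce the HP Labs measurements in the table; what carries over is the shape of the result: the faster a worm scans new hosts, the sooner it is cut off, while the repeat-heavy user stream is never blocked.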
  
Virus Detection on PC based on Virus Throttle Technology

• Traditional Virus Scanners scan all the files
• They consume much of the processing resources
• The new technique filters the files that have to be scanned.
Components of the new technique for Virus Detection

• A gateway – Defined as THROTWALL
• A Traditional Virus Scanner
THROTWALL

• THROTWALL is similar to a firewall for networks and works on the basis of Virus Throttle.
• Monitors running processes for suspicious activity
• Protects the super resources
• When process requests
Thank You…

• Read the research whitepaper here: Slideshare.net
• Like this presentation? Share it...
• Questions? Tweet me @ahmedmzl
• This presentation was presented at the following conferences:
    ◦ The IET-UK Present Around the World – India Finals
    ◦ National Conference on Communication and Informatics