Signatures, Heuristics and Behavior Blocking

Page Content

Sarah Merrion - Symantec

Feb 18, 2004

RealMedia Icon RealVideo

Abstract

Blended threats, which use combinations of malicious code to transmit and
spread attacks, are increasing and are among the most important trends to
watch and guard against in 2004. By using multiple techniques, blended
threats can spread to large numbers of hosts, causing rapid and widespread
damage, as evidenced by the examples seen in August, 2003. Today's
protection to these threats rely heavily on reactive technologies rather an
a proactive mitigation approach. This presentation will look at three
technologies for detecting malicious code: signature based detection
(fingerprinting), heuristics, and behavior blocking as solutions to address
these threats. We'll discuss where technology is headed and how to optimize
protection for the fast spreading threats of the future.

About the Speaker

Sarah Merrion is a Principal Security Consultant at Symantec Corporation.
She received her MS in Telecommunications from DePaul University in 2002
and has been working in the information security field for over 7 years.
Sarah specializes in developing comprehensive security solutions around the
threats of malicious code.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52, West Lafayette Campus. More information...

© 1999-2013 Purdue University. All rights reserved.

Use/Reuse Guidelines

CERIAS Seminar materials are intended for educational, non-commercial use only and any or all commercial use is prohibited. Any use must attribute "The CERIAS Seminar at Purdue University." Opinions expressed in the recordings are not necessarily representative of the views of CERIAS or of Purdue University.