Application Reputation is also on Mozilla's Security Roadmap:
https://wiki.mozilla.org/Security/Features/Application_Reputation
This might be a good talk to go to to learn how Chrome is tackling this
problem.
~Tanvi
On 4/9/12 1:52 PM, Tanvi Vyas wrote:
Interesting talk at Stanford tomorrow.
Trying to see how this is integrated with Chrome (as is mentioned in
the bottom of the extract).
http://www.pcpro.co.uk/news/security/366577/chrome-targets-social-engineering-with-file-warnings
---------- Forwarded message ----------
From: Ankur Taly <at...@stanford.edu>
Date: Mon, Apr 9, 2012 at 11:53 AM
Subject: TUESDAY - April 10 - Reputation Based Detection of Socially
Engineered Malware - Moheeb Abu Rajab
To: security-seminar <security-semi...@lists.stanford.edu>
Hi Everyone,
Unfortunately tomorrow's seminar on Android malware has been changed.
The same group from Google will instead present their work on binary
reputation in Chrome.
The new title and abstract are inlined below.
Apologies for the last minute change.
Best Regards,
Ankur.
Title: Reputation Based Detection of Socially Engineered Malware
Speaker: Moheeb Abu Rajab
Abstract:
Over the last two years, we saw the prevalence of drive-by downloads
declining. Browsers are generally becoming more secure making it
harder to deliver malware by exploiting vulnerabilities. Furthermore,
protection efforts such as Google’s Safe Browsing have successfully
detected and protected users from many of these attacks.
In response, adversaries have turned their attention to social
engineering as another major vector for distributing malware. Rather
than exploiting browser vulnerabilities, adversaries employ various
tricks to deceive users into downloading malware. Social engineering
poses different detection challenges as the lack of exploits makes it
harder to detect. Furthermore, adversaries use highly agile serving
infrastructure reducing the effectiveness of blacklist based defences.
In this talk, we present our recent effort to protect users from
socially engineered malware. We provide an overview of a large scale
operational system that protects users from malware downloads using a
reputation-based approach. Rather than exporting a blacklist, we
developed a whitelist of domains that host the majority of benign
downloads. For downloads not in the whitelist, we developed a
server-based reputation scheme that predicts the likelihood that a
binary is malicious without requiring access to the binary content.
This service currently protects millions of Google Chrome users
against malware downloads. We present some interesting insights about
the prominent strains of malware we are seeing in the wild.
DATE: April 10 (Tuesday)
TIME: 4:30PM
VENUE: Gates 463
--++**==--++**==--++**==--++**==--++**==--++**==--++**==
security-seminar mailing list
security-semi...@lists.stanford.edu
https://mailman.stanford.edu/mailman/listinfo/security-seminar
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security