Have you checked our white papers page at https://www.welivesecurity.com/papers/conference-papers/ lately?
We've recently put up a paper by Jeff Debrosse and David Harley that was presented at the 19th Virus Bulletin Conference in Geneva in 2009, and called "Malice Through the Looking Glass: Behaviour Analysis for the Next Decade".
The paper whttp://www.eset.com/download/whitepapers/Harley-Debrosse-VB2009.pdfhttps://www.welivesecurity.com/media_files/white-papers/Harley-Debrosse-VB2009.pdfas first published in Virus Bulletin 2009 Conference Proceedings..
Copyright is held by Virus Bulletin Ltd, but is made available on our site for personal use free of charge, by permission of Virus Bulletin.
Here's the abstract:
Most VB attendees have a major interest in malicious code. Often they focus on the highly technical issues around the intricacies of malware technology and counter-technology, the
programmatic detail of attack and counter-attack. Sometimes they focus instead on the higher level application of defensive technology to corporate or infrastructural environments, even the entire Internet. More rarely, they look at the human side of malware management, mostly from the point of view of involving the potential victim (individual or organization under attack) in the defensive process (education and training, policy enforcement and so on).
However, malware is only part of a complex process of malicious exploitation. Behaviour analysis is a crucial topic in 21st century anti-malware, but rather than focusing purely on programmatic behaviour, should we not be looking at the psychosocial behaviours that underpin the exploitation mechanism? (By this we mean not only the behaviour of the criminal, but that of the victim.) This paper considers steps towards a holistic approach to behaviour analysis that would enable us to treat the disease rather than the symptom, drawing on both social and computer science.
David Harley
Director of Malware Intelligence
