




Software Taggant
A software taggant is a cryptographic signature added to software that enables positive origin identification and integrity of programs. Software taggants use standard PKI techniques (see Public key infrastructure) and were introduced by the Industry Connections Security Group of IEEE in an attempt to control proliferation of malware obfuscated via executable compression (runtime packer). The concept of a PKI-based system to mitigate runtime packer abuse was introduced in 2010 and described in a Black Hat Briefings presentation by Mark Kennedy and Igor Muttik. The term was proposed by Arun Lakhotia (due to its similarities with chemical taggants), who also analyzed the economics of a packer ecosystem. A software taggant is a form of code signing somewhat similar to Microsoft's Authenticode. The key difference between a software taggant and Authenticode is that the addition of a software taggant is transparent and free for the end user of a runtime packer. Also, a software taggant may ...



Public Key Infrastructure
A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred. In cryptography, a PKI is an arrangement that "binds" public keys with respective identities of entities (like people and organizations). The binding is established through a process of registration and issuance of certificates at and by a certificate authority (CA). Depending on the assurance level of the binding, this may be carried out by an automa ...


Industry Connections Security Group
The Industry Connections Security Group (IEEE ICSG) is a global group of computer security entities (past and present members include: Anh Labs, AVG, Avira, ESET, F-Secure, K7 Computing, Kaspersky Labs, Marvell, Intel Security, McAfee, Microsoft, Palo Alto Networks, Panda Security, Panda Software, SafeNet, Sophos, NortonLifeLock, Symantec and Trend Micro) that have come together under IEEE to pool their experience and resources in combating the systematic and rapid rise in computer security threats. IEEE ICSG activities include an anti-malware working group; a malware meta-data exchange standard (MMDEF) working group; a Privilege Management Protocols working group; and an anti-malware support service, which includes the software taggant system and the clean meta-data exchange system (CMX).


IEEE
The Institute of Electrical and Electronics Engineers (IEEE) is a 501(c)(3) professional association for electronic engineering and electrical engineering (and associated disciplines) with its corporate office in New York City and its operations center in Piscataway, New Jersey. The mission of the IEEE is "advancing technology for the benefit of humanity". The IEEE was formed from the amalgamation of the American Institute of Electrical Engineers and the Institute of Radio Engineers in 1963. Due to its expansion of scope into so many related fields, it is simply referred to by the letters I-E-E-E (pronounced I-triple-E), except on legal business documents. It is the world's largest association of technical professionals with more than 423,000 members in over 160 countries around the world. Its objectives are the educational and technical advancement of electrical and electronic engineering, telecommunications, computer engineering and similar disciplines. History Origin ...



Malware
Malware (a portmanteau for "malicious software") is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. By contrast, software that causes harm due to some deficiency is typically described as a software bug. Malware poses serious problems to individuals and businesses on the Internet. According to Symantec's 2018 Internet Security Threat Report (ISTR), the number of malware variants increased to 669,947,865 in 2017, which is twice as many malware variants as in 2016. Cybercrime, which includes malware attacks as well as other crimes committed by computer, was predicted to cost the world economy $6 trillion USD in 2021, and is increasing at a rate of 15% per year. Many types of malware exist, including computer viruses, worms, Trojan horses, ...


Executable Compression
Executable compression is any means of compressing an executable file and combining the compressed data with decompression code into a single executable. When this compressed executable is executed, the decompression code recreates the original code from the compressed code before executing it. In most cases this happens transparently so the compressed executable can be used in exactly the same way as the original. Executable compressors are often referred to as "runtime packers", "software packers", "software protectors" (or even "polymorphic packers" and "obfuscating tools"). A compressed executable can be considered a self-extracting archive, where a compressed executable is packaged along with the relevant decompression code in an executable file. Some compressed executables can be decompressed to reconstruct the original program file without being directly executed. Two programs that can be used to do this are CUP386 and UNP. Most compressed executables decompress the or ...




Runtime Packer
Executable compression is any means of compressing an executable file and combining the compressed data with decompression code into a single executable. When this compressed executable is executed, the decompression code recreates the original code from the compressed code before executing it. In most cases this happens transparently so the compressed executable can be used in exactly the same way as the original. Executable compressors are often referred to as "runtime packers", "software packers", "software protectors" (or even "polymorphic packers" and "obfuscating tools"). A compressed executable can be considered a self-extracting archive, where a compressed executable is packaged along with the relevant decompression code in an executable file. Some compressed executables can be decompressed to reconstruct the original program file without being directly executed. Two programs that can be used to do this are CUP386 and UNP. Most compressed executables decompress the or ...


Black Hat Briefings
Black Hat Briefings (commonly referred to as Black Hat) is a computer security conference that provides security consulting, training, and briefings to hackers, corporations, and government agencies around the world. Black Hat brings together a variety of people interested in information security ranging from non-technical individuals, executives, hackers, and security professionals. The conference takes place regularly in Las Vegas, Barcelona, London and Riyadh. The conference has also been hosted in Amsterdam, Tokyo, and Washington, D.C. in the past. History The first Black Hat was held July 7-10, 1997 in Las Vegas, immediately prior to DEF CON 5. The conference was aimed at the computer industry, promising to give them privileged insight into the minds and motivations of their hacker adversaries. Its organizers stated: "While many conferences focus on information and network security, only the Black Hat Briefings will put your engineers and software programmers face-to-face ...



Igor Muttik
Igor Muttik (born 1962 in Russia) is a computer security expert, researcher and inventor. Career Igor Muttik is a Senior Principal Research Architect with McAfee, which has been part of Intel Corporation since 2011. He started researching computer malware in the 1980s, when the anti-virus industry was in its infancy. Muttik holds a PhD degree in physics and mathematics from the Moscow State University. He has been a member of CARO (Computer Antivirus Research Organization) since 1994, and worked as a virus researcher for Dr. Solomon’s Software. From 1998 Muttik ran McAfee’s anti-malware research in Europe, the Middle East and Africa (EMEA) and switched to his architectural role in 2002. In 2008 he was one of the co-founders of AMTSO (Anti-Malware Testing Standards Organization) and was on the Board of AMTSO for 3 years. Muttik was also a co-founder of Industry Connections Security Group (ICSG is part of IEEE) - he is the chair of the taggant sy ...


Taggant
A taggant is any chemical or physical marker added to materials to allow various forms of testing. Physical taggants can take many different forms but are typically microscopic in size, included at low levels, and simple to detect. They can be utilized to differentiate authentic product from counterfeits, provide identifying information for traceability purposes (e.g. lot number, company name), determine mixing homogeneity and cross-contamination, and to detect dilution of proprietary products. Taggants are known to be widely used in the animal feed industry, plastics, inks, sheet and flexible explosives, and pharmaceuticals. An RF taggant is a radio frequency microchip used in automated identification and data capture (see RFID). In such cases, electronic devices use radio waves to track and identify items, such as pharmaceutical products, by assigning individual serial numbers to the containers holding each product. This technology may prevent the diversion or counterfeiting ...


Code Signing
Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed. The process employs the use of a cryptographic hash to validate authenticity and integrity. Code signing was invented in 1995 by Michael Doyle, as part of the Eolas WebWish browser plug-in, which enabled the use of public-key cryptography to sign downloadable Web app program code using a secret key, so the plug-in code interpreter could then use the corresponding public key to authenticate the code before allowing it access to the code interpreter’s APIs. Code signing can provide several valuable features. The most common use of code signing is to provide security when deploying; in some programming languages, it can also be used to help prevent namespace conflicts. Almost every code signing implementation will provide some sort of digital signature mechanism to verify the identity of the ...



Microsoft
Microsoft Corporation is an American multinational technology corporation producing computer software, consumer electronics, personal computers, and related services headquartered at the Microsoft Redmond campus located in Redmond, Washington, United States. Its best-known software products are the Windows line of operating systems, the Microsoft Office suite, and the Internet Explorer and Edge web browsers. Its flagship hardware products are the Xbox video game consoles and the Microsoft Surface lineup of touchscreen personal computers. Microsoft ranked No. 21 in the 2020 Fortune 500 rankings of the largest United States corporations by total revenue; it was the world's largest software maker by revenue as of 2019. It is one of the Big Five American information technology companies, alongside Alphabet, Amazon, Apple, and Meta. Microsoft was founded by Bill Gates and Paul Allen on April 4, 1975, to develop and sell BASIC interpreters for the Altair 8800. It rose to do ...




Authenticode
Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed. The process employs the use of a cryptographic hash to validate authenticity and integrity. Code signing was invented in 1995 by Michael Doyle, as part of the Eolas WebWish browser plug-in, which enabled the use of public-key cryptography to sign downloadable Web app program code using a secret key, so the plug-in code interpreter could then use the corresponding public key to authenticate the code before allowing it access to the code interpreter’s APIs. Code signing can provide several valuable features. The most common use of code signing is to provide security when deploying; in some programming languages, it can also be used to help prevent namespace conflicts. Almost every code signing implementation will prov ...