Similarity hash based scoring of portable executable files for efficient malware detection in IoT

YesThe current rise in malicious attacks shows that existing security systems are bypassed by malicious files. Similarity hashing has been adopted for sample triaging in malware analysis and detection. File similarity is used to cluster malware into families such that their common signature can be designed. This paper explores four hash types currently used in malware analysis for portable executable (PE) files. Although each hashing technique produces interesting results, when applied independently, they have high false detection rates. This paper investigates into a central issue of how different hashing techniques can be combined to provide a quantitative malware score and to achieve better detection rates. We design and develop a novel approach for malware scoring based on the hashes results. The proposed approach is evaluated through a number of experiments. Evaluation clearly demonstrates a significant improvement (> 90%) in true detection rates of malware

Strategies Universities’ and Colleges’ IT Leaders Use to Prevent Malware Attacks

Information systems at universities and colleges are not exempt from the threat of malware. Preventing and mitigating malware attacks is important to universities’ and colleges’ IT leaders to protect sensitive data confidentiality. Grounded in general system theory, the purpose of this exploratory multiple case study was to explore strategies universities’ and colleges’ information technology (IT) leaders use to prevent and mitigate malware attacks. Participants consisted of 6 IT leaders from 3 universities and colleges in Southern California responsible for preventing and mitigating malware attacks. Data were collected through semistructured video teleconferences and 7 organizational documents. Three significant themes emerged through thematic analysis: personnel issues, security planning, and security management practices. A key recommendation is for IT leaders to implement a training and awareness program to address personnel issues. The implications for positive social change include IT leaders potential to secure students’, parents’, and faculty\u27s confidential information, thereby reducing IT protection costs and preventing identity theft