- Title
- Testing antivirus engines to determine their effectiveness as a security layer
- Creator
- Haffejee, Jameel
- Creator
- Irwin, Barry V W
- Subject
- To be catalogued
- Date Issued
- 2014
- Date
- 2014
- Type
- text
- Type
- article
- Identifier
- http://hdl.handle.net/10962/429673
- Identifier
- vital:72631
- Identifier
- 10.1109/ISSA.2014.6950496
- Description
- This research has been undertaken to empirically test the assumption that it is trivial to bypass an antivirus application and to gauge the effectiveness of antivirus engines when faced with a number of known evasion techniques. A known malicious binary was combined with evasion techniques and deployed against several antivirus engines to test their detection ability. The research also documents the process of setting up an environment for testing antivirus engines as well as building the evasion techniques used in the tests. This environment facilitated the empirical testing that was needed to determine if the assumption that antivirus security controls could easily be bypassed. The results of the empirical tests are also presented in this research and demonstrate that it is indeed within reason that an attacker can evade multiple antivirus engines without much effort. As such while an antivirus application is useful for protecting against known threats, it does not work as effectively against unknown threats.
- Format
- 6 pages
- Format
- Language
- English
- Relation
- Information Security for South Africa
- Relation
- Haffejee, J. and Irwin, B., 2014, August. Testing antivirus engines to determine their effectiveness as a security layer. In 2014 Information Security for South Africa (pp. 1-6). IEEE
- Relation
- Information Security for South Africa volume 2014 number 1 1 6 2014 2330-9881
- Rights
- Publisher
- Rights
- Use of this resource is governed by the terms and conditions of the IEEE Xplore Terms of Use Statement (https://ieeexplore.ieee.org/Xplorehelp/overview-of-ieee-xplore/terms-of-use)
- Hits: 168
- Visitors: 188
- Downloads: 24
Collections
Irwin, Barry V W (Prof)
SDG 09. Industry, Innovation and Infrastructure
RU Department of Computer Science
| Thumbnail | File | Description | Size | Format | |||
|---|---|---|---|---|---|---|---|
| View Details Download | SOURCE1 | Testing antivirus engines to determine their effectiveness as a security layer.pdf | 641 KB | Adobe Acrobat PDF | View Details Download |