Find Malware Before it Hurts You
It is easy to track malware before it causes severe damage. A new research report reveals that network analysis can easily identify malware in advance. The researchers analyzed 27 million DNS requests by malware, finding re-registrations of expired domains to be a dead giveaway of malicious activity.
The report says that the new malware tracking technology takes advantage of network-supplied barometers. That means it’s not necessary to focus on identifying malicious code already present on the device and network. Instead, administrators can easily find the malware code by analyzing network traffic created by the hacker.
How can I anticipate malware?
Setting up an online presence is the first sign of an infection. After this is detected, it becomes easy to track the presence of malicious software in a network. The research found that some network systems are more prone than others. For example, networks with free domain registration allow attackers to add more domains. Hackers will do this, and their subsequent activity can be tracked.
Researchers state that clues to a piece of malware's presence appear in network traffic data before an attack occurs. They found this out by parsing the network into analyzable pieces. They recommend that network administrators focus on reducing the number of unknowns in a network. This makes it easier to sniff out inappropriate activity taking place on the network.
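One way to apply the re-registration signal to DNS logs, as an added example that is not from the report or this article: it flags queries to domains that were registered again after expiring, and queries to names with no registration record (the "unknowns"). The registration history, log lines, 90-day window and function names are all constructed assumptions.

```python
from datetime import date, timedelta

# Constructed registration history: domain -> [(registered, expired or None), ...]
REG_HISTORY = {
    "example-shop.test": [(date(2015, 3, 1), None)],
    "old-blog.test": [(date(2012, 5, 10), date(2016, 5, 10)),
                      (date(2016, 8, 2), None)],   # lapsed, then registered again
    "fresh-site.test": [(date(2016, 8, 20), None)],
}

# Constructed DNS query log: "<date> <client> <queried name>"
DNS_LOG = """\
2016-09-01 10.0.0.5 www.example-shop.test
2016-09-01 10.0.0.7 cdn.old-blog.test
2016-09-02 10.0.0.7 old-blog.test
2016-09-02 10.0.0.9 fresh-site.test
2016-09-03 10.0.0.9 unknown-host.test
"""

def registered_domain(qname, known):
    """Longest suffix of qname that has a registration record, else None."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in known:
            return candidate
    return None

def classify(domain, history, queried_on, window_days=90):
    """'re-registered' if queried soon after a post-expiry registration."""
    periods = sorted(history[domain], key=lambda p: p[0])
    if len(periods) >= 2 and periods[-2][1] is not None:
        expired, rereg = periods[-2][1], periods[-1][0]
        age = queried_on - rereg
        if expired <= rereg and timedelta(0) <= age <= timedelta(days=window_days):
            return "re-registered"
    return "ok"

def analyze(log, history):
    """Return (client, qname, reason) for every query worth a closer look."""
    findings = []
    for line in log.splitlines():
        day, client, qname = line.split()
        domain = registered_domain(qname, history)
        reason = "unknown" if domain is None else classify(
            domain, history, date.fromisoformat(day))
        if reason != "ok":
            findings.append((client, qname, reason))
    return findings
```

Calling `analyze(DNS_LOG, REG_HISTORY)` returns the flagged queries; in practice the registration history would come from WHOIS or registry data rather than a hard-coded table.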
Kevin Jones
Kevin has been into researching and writing about network security for almost two decades, earning a reputation as one of the finest among cyber experts.