The unexamined life-missing metrics of malware

David Perry Trend Micro

There are so many metrics, so many stats produced in this industry, and almost all of them are produced for our (the vendors') purposes. We look to prove the effectiveness of scanning, the reach and scope of a particular attack, but our metrics are centred in our own world view. For years I have been asked salient questions by reporters, by the general public, and by listeners on radio and in person that are nowhere addressed by our industry.

While we all report vulnerabilities as they are disclosed, we never follow up as to whether these vulnerabilities move on to become attacks. What percentage of vulnerabilities actually become malware? Is there a measurable window for attacking after disclosure of a particular vulnerability? How many that go proof of concept actually move on to a genuine malicious attack? We may be able to extrapolate statistics like these from the known data, but they are not 'salable' in our normal business - the only people such data would serve would be the general public and computer users everywhere. In other words, the people who need help most desperately.

This presentation will report which metrics the researchers and I can create and map, and will discuss the possible methods of obtaining them and what use they can be to the public at large.

 del.icio.us  digg this! digg this

Quick Links

Poll
Should software vendors extend support for their products on Windows XP beyond the end-of-life of the operating system?
Yes - it keeps their users secure
No - it encourages users to continue to use a less secure OS
I don't know
Leave a comment
View 23 comments

SMI Oil and Gas Cyber Security 2014

Virus Bulletin
In this month's magazine:
  • VBSpam comparative review March 2014
  • VB100 comparative review on Ubuntu Server 12.04LTS
  • The shape of things to come
  • Threat intelligence sharing: tying one hand behind our backs
  • The curse of Necurs, part 1
  • More fast or more dirty?
  • Tofsee botnet
  • Back to VBA
  • Is the security industry up to the new challenges to come?
  • Greetz from academe: No place to Hyde
Virus Bulletin 04 2014
Subscribe now!

Virus Bulletin currently has 231,303 registered users.