
Malware Evolution Calls for Actor Attribution: Robmertik Actor Located 1

An anonymous reader writes: "What makes one novel strain of malicious software more dangerous or noteworthy than another? Is it the sheer capability and feature set of the new malware, or are these qualities meaningless without also considering the skills, intentions and ingenuity of the person wielding it? Most experts probably would say it’s important to consider attribution insofar as it is knowable, but it’s remarkable how seldom companies that regularly publish reports on the latest criminal innovations go the extra mile to add context about the crooks apparently involved in deploying those tools."

Comment: Re:Chinglish (Score 1) 578

Creole languages originate as a pidgin language. Pidgins typically develop in a colony situation or any time there is a power differential between two groups in one location that do not share a language. A pidgin develops as a necessary method of communication between a local population and a more powerful colonizer or invader. A pidgin is not spoken natively because it is developed after the age of acquisition in humans (12-14); it is therefore a fabricated amalgam. A creole is a full-fledged language that develops in the location that a pidgin has been spoken for a significant period of time, basically enough time for children to have grown up with the pidgin and had time to combine it into a new native language, the creole.

Comment: Re:The most obvious problem with this approach (Score 1) 97

There may be cases where a single "species" of bacteria has a varying rate of horizontal transfer based on its host species. It may have more exposure to a different species of bacteria that it is able to trade genes with because that other species is exclusive to one of the two hosts rather than both. In cases like these, you could name each by its code. I think the ultimate goal is to make clear naming distinctions that reflect actual differences in populations of organisms.

Comment: Biology and Computer Science Two Way Street (Score 5, Insightful) 97

Last month, at ShmooCon a talk was given about spatial analysis of malware samples. The technique is borrowed directly from bioinformatics. This is a great example of techniques from Biology being used effectively in the IT security realm.

I hope that the researcher involved in naming organisms based on hash algorithms chooses context triggered piecewise hashes (CTPH) AKA fuzzy hashing or a similarity hash algorithm rather than an algorithm like SHA512. Google's simhash or at least the ideas of this type of algorithm would lend itself much better to the naming of organisms.

FYI: a FOSS implementation of fuzzy hashing is called ssdeep. The project site is here. This is an implementation that is widely used in open source malware analysis tools like Cuckoo Sandbox.
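
The contrast the comment above draws between a similarity hash and SHA512, as an added example that is not part of the original comment. It is a minimal simhash-style fingerprint written for illustration (not Google's implementation and not ssdeep's CTPH); the sequences, the k-mer size and all function names are constructed assumptions.

```python
import hashlib

def constructed_sequence(label, length=256):
    """Deterministic stand-in for a genome (constructed sample data)."""
    bases = []
    counter = 0
    while len(bases) < length:
        digest = hashlib.sha256(f"{label}:{counter}".encode()).digest()
        bases.extend("ACGT"[b & 3] for b in digest)
        counter += 1
    return "".join(bases[:length])

def simhash(seq, k=8, bits=64):
    """Simhash-style fingerprint: every k-mer votes +1/-1 on each bit."""
    votes = [0] * bits
    for i in range(len(seq) - k + 1):
        digest = hashlib.sha256(seq[i:i + k].encode()).digest()
        h = int.from_bytes(digest[:bits // 8], "big")
        for b in range(bits):
            votes[b] += 1 if (h >> b) & 1 else -1
    # A bit is set when the majority of k-mers voted for it.
    return sum(1 << b for b in range(bits) if votes[b] > 0)

def sha512_int(seq):
    """SHA-512 digest as an integer, for bitwise comparison."""
    return int.from_bytes(hashlib.sha512(seq.encode()).digest(), "big")

def hamming(a, b):
    """Number of differing bits between two fingerprints."""
    return bin(a ^ b).count("1")

def compare(a, b):
    """Return (simhash distance out of 64, SHA-512 distance out of 512)."""
    return (hamming(simhash(a), simhash(b)),
            hamming(sha512_int(a), sha512_int(b)))

ORIGINAL = constructed_sequence("organism-A")
# Single point mutation at position 100 (constructed near-duplicate).
MUTANT = ORIGINAL[:100] + ("A" if ORIGINAL[100] != "A" else "C") + ORIGINAL[101:]
UNRELATED = constructed_sequence("organism-B")

if __name__ == "__main__":
    print("near-duplicate:", compare(ORIGINAL, MUTANT))
    print("unrelated:     ", compare(ORIGINAL, UNRELATED))
```

The simhash distance stays small for the one-base mutant and grows for the unrelated sequence, while the SHA-512 distance is about half the bits in both cases and so carries no similarity information.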

Comment: Parkinson's Law coming to a fat pipe near you (Score 1) 338

Data expands to fill the space available. It doesn't matter what the super fast super large digital thing is this year, at some point it will feel slow and old. Remember 10Mbit ethernet? That was TEN times as fast as 1Mbit!!!!!! GIFs loaded instantly from your fileserver compared to waiting for them to load on dialup.
