Fight fire with fire: the ultimate active defence
Abstract
Purpose
This paper proposes an approach to deal with malware and botnets, which in recent years have become one of the major threats in the cyber world. These malicious pieces of software can cause harm not only to the infected victims but also to actors at a much larger scale. For this reason, defenders, namely, security researchers and analysts, and law enforcement have fought back and contained the spreading infections. However, the fight is fundamentally asymmetric.
Design/methodology/approach
In this paper, the authors argue the need to equip defenders with more powerful active defence tools such as malware and botnets, called antidotes, which must be used as last resort to mitigate malware epidemics. Additionally, the authors argue the validity of this approach by considering the ethical and legal concerns of leveraging sane and compromised hosts to mitigate malware epidemics. Finally, the authors further provide evidence of the possible success of these practices by applying their approach to Hlux, Sality and Zeus malware families.
Findings
Although attackers have neither ethical nor legal constraints, defenders are required to follow much stricter rules and develop significantly more intricate tools. Additionally, attackers have been improving their malware to make them more resilient to takeovers.
Originality/value
By combining existing research, the authors provide an analysis and possible implication of a more intrusive yet effective solution for fighting the spreading of malware.
Keywords
Citation
Miraglia, A. and Casenove, M. (2016), "Fight fire with fire: the ultimate active defence", Information and Computer Security, Vol. 24 No. 3, pp. 288-296. https://doi.org/10.1108/ICS-01-2015-0004
Publisher
:Emerald Group Publishing Limited
Copyright © 2016, Emerald Group Publishing Limited