Abstract: A malware and exploit campaign detection system and method are provided that cannot be detected by the malware or exploit campaign. The system may provide threat feed data to the vendors that produce in-line network security and endpoint protection (antivirus) technologies. The system may also be used as a testing platform for third-party products. Due to the massive footprint of the system's cloud infrastructure, its disparate network connections, and its geo-location obfuscation techniques, NSS can locate and monitor malware across the globe and provide detailed threat analysis for each specific region, as different regions often support and host different malware/cybercrime campaigns.
Abstract: A system and method for modeling viable threats and for evading deployed defenses on a network are described. As a defensive tool used for threat modeling, the system and method allow those responsible for the safety of their critical infrastructure and intellectual property to have a clear view of all failures in the security countermeasure products they have deployed. As an offensive tool used for defense evasion modeling, the system and method can be used to quickly ascertain a viable attack vector, select exploitation code, and cross-reference those exploits that will bypass every layer of countermeasure technologies to commercially and publicly accessible crimeware and security testing tools.