Date Added: Nov 2012
Numerous attacks, such as worms, phishing and botnets, threaten the availability of the Internet, the integrity of its hosts and the privacy of its users. A core element of defense against these attacks is Anti-Virus (AV) - a service that detects, removes and characterizes these threats. The ability of these products to successfully characterize these threats has far-reaching effects - from facilitating sharing across organizations, to detecting the emergence of new threats and assessing risk in quarantine and cleanup. The authors present the nepenthes platform, a framework for large-scale collection of information on self-replicating malware in the wild. The basic principle of nepenthes is to emulate only the vulnerable parts of a service.