Yes, malware commonly targets the Windows operating system. But if you limit malware analysis to Windows OS, you're leaving gaping vulnerabilities, says Christopher Kruegel of Lastline Inc. Here's how to maximize your analysis.
Kruegel, CEO of Lastline, says one common limitation of malware analysis is that organizations focus too much of their activity on Windows OS.
"On one hand, of course, that makes sense because a lot of organizations do have Windows machines," Kruegel says. "But it does fail to consider a large portion of the vulnerability surface that exists with malware that is targeting, say, Mac OS machines or malware that is targeting mobile phone such as Android or iOS platforms, or attacks that are not necessarily targeting Windows itself, but maybe the browsers that are operating on top of Windows."
In an interview about improving malware analysis, Kruegel discusses:
- What commonly is overlooked in malware analysis;
- The benefits of analyzing non-Windows OS;
- How to improve visibility into a malware-based breach.
Kruegel's research interests focus on computer and communications security, with an emphasis on malware analysis and detection, web security, and intrusion detection. He is a Professor of Computer Science at UC Santa Barbara. He has published more than 100 peer-reviewed papers in top computer security conferences and has been the recipient of the NSF CAREER Award, MIT Technology Review TR35 Award for young innovators, IBM Faculty Award, and several best paper awards.