Network traffic analysis should be used more in the fight against malware. That’s because pointers show up on the network “weeks and even months” in advance of new malicious software being uncovered, scientists from the Georgia Institute of Technology explain in an article on the school’s website.
The researchers, who have been studying historic network traffic patterns, say the latest malware tracking should take advantage of inherent network-supplied barometers and stop simply focusing on trying to identify malware code already on networks and machines. By analyzing already-available, suspicious network traffic created by the hackers over a period of time, administrators will be able to pounce and render malware harmless before it can perform damage.
Source: NW Security 1