A software audit framework for spyware risk mitigation

Clutterbuck, P. J. and O'Brien, P. F. (2006). A software audit framework for spyware risk mitigation. In: S. Chatterjee and R. Alan Hevner, Proceedings of the 1st International Conference on Design Science Research in Information Systems and Technology. International Conference on Design Science Research in Information Systems and Technology (1st, 2006), Claremont, CA, U.S.A., (461-474). 24-25 February 2006.

Author Clutterbuck, P. J.
O'Brien, P. F.
Title of paper A software audit framework for spyware risk mitigation
Conference name International Conference on Design Science Research in Information Systems and Technology (1st, 2006)
Conference location Claremont, CA, U.S.A.
Conference dates 24-25 February 2006
Proceedings title Proceedings of the 1st International Conference on Design Science Research in Information Systems and Technology
Place of Publication Claremont, CA, U.S.A.
Publisher Claremont Graduate University
Publication Year 2006
Sub-type Fully published paper
Editor S. Chatterjee
R. Alan Hevner
Start page 461
End page 474
Total pages 14
Collection year 2006
Language eng
Abstract/Summary Our research described in this paper identifies a three part premise relating to the spyware paradigm. Firstly the data suggests spyware is proliferating at an exponential rate. Secondly ongoing research confirms that spyware produces many security risks – including that of privacy/confidentiality breaches via illicit data collection and reporting. Thirdly, anti-spyware controls are improving but are still considered problematic for several reasons. Our research then concludes that control measures to counter this very significant challenge should merit compliance auditing – and this auditing may effectively target the vital message passing performed by all illicit data collection spyware. Our research then evolves into an experiment involving the design and implementation of a software audit tool to conduct the desired compliance auditing. The software audit tool is positioned at the protected network’s gateway. The software audit tool uses ‘phone-home’ IP addresses as spyware signatures to detect the presence of the offending software. The audit tool also has the capability to differentiate legitimate message passing software from that produced by spyware – and ‘learn’ both new spyware signatures and new legitimate message passing profiles. The testing stage of the software has proven successful – albeit using very limited levels of network message passing variety and frequency.
Subjects E1
700102 Application tools and system utilities
280505 Data Security
280109 Decision Support and Group Support Systems
0806 Information Systems
Keyword Software
data security
Q-Index Code E1
Q-Index Status Provisional Code
Institutional Status UQ

 
Versions
Version Filter Type
Citation counts: Google Scholar Search Google Scholar
Access Statistics: 91 Abstract Views  -  Detailed Statistics
Created: Thu, 23 Aug 2007, 22:21:29 EST