Sunday, February 12, 2006

what is stealth?

stealth is a property held by instances of malware that employ stealth techniques... stealth techniques are any techniques which serve to hide something (usually malware) from something else (usually the user or security software employed by the user)...

in malware, stealth is not an attack in and of itself but rather it is an adaptive strategy applied to other attack techniques in order to increase their likelihood of success... by keeping evidence of the attack hidden, the window of opportunity for the attack to succeed remains open longer and therefore the number of opportunities encountered that could lead to success tends to increase...

virtually all classes of malware have employed stealth techniques at one time or another, however not all instances of malware employ stealth techniques... further, stealth techniques are not exclusively the domain of malware - stealth has been employed in legitimate applications too... in fact there are some cases where stealth is used to hide information used by anti-malware applications from the very malware they're trying to protect against...

back to index

0 comments: