• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   whitelisting

Smart Whitelisting Using Locality Sensitive Hashing

  • Posted on:March 30, 2017 at 3:12 am
  • Posted in:Malware, Open source
  • Author:
    Trend Micro
0

Locality Sensitive Hashing (LSH) is an algorithm known for enabling scalable, approximate nearest neighbor search of objects. LSH enables a precomputation of a hash that can be quickly compared with another hash to ascertain their similarity. A practical application of LSH would be to employ it to optimize data processing and analysis. An example is transportation company Uber, which implemented LSH in the infrastructure that handles much of its data to identify trips with overlapping routes and reduce inconsistencies in GPS data. Trend Micro has been actively researching and publishing reports in this field since 2009. In 2013, we open sourced an implementation of LSH suitable for security solutions: Trend Micro Locality Sensitive Hashing (TLSH).

TLSH is an approach to LSH, a kind of fuzzy hashing that can be employed in machine learning extensions of whitelisting. TLSH can generate hash values which can then be analyzed for similarities. TLSH helps determine if the file is safe to be run on the system based on its similarity to known, legitimate files. Thousands of hashes of different versions of a single application, for instance, can be sorted through and streamlined for comparison and further analysis. Metadata, such as certificates, can then be utilized to confirm if the file is legitimate.

Read More
Tags: Fuzzy HashingLocality Sensitive HashingSimilarity Digestwhitelisting

5 Years, 500 Million Good Files and Counting

  • Posted on:February 16, 2015 at 10:04 pm
  • Posted in:Malware, Targeted Attacks
  • Author:
    Vincent Daraliay (Product Manager)
0

Trend Micro has recently reached an important milestone: we have vetted our 500 millionth “good file” towards the end of 2014. This means that we have a strong and vast repository of files to competently decide whether any given file is non-malicious or otherwise. Securing Single-Purpose Systems Whitelisting is increasingly being seen as a key…

Read More
Tags: application controlGRIDpoint of sale systemssingle-purpose systemstargeted attackswhitelisting

Patches Not Cure-all for Shellshock

  • Posted on:December 23, 2014 at 12:05 am
  • Posted in:Vulnerabilities
  • Author:
    Trend Micro
0

Earlier this year, Linux system administrators all over the world had to deal with the Shellshock vulnerability, which could lead to malicious code being run on Linux systems. Servers running various web services were at particular risk. By now, most major distributions have been able to release patches that upgraded the vulnerable bash shell to versions not affected…

Read More
Tags: bashbash bugIDSLinuxpatchingshellshockwhitelisting

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.