|Authors||O. Lysne, K. J. Hole, C. Otterstad, Ø. Ytrehus, R. Aarseth and J. Tellnes|
|Title||Vendor malware: detection limits and mitigation|
|Publication Type||Journal Article|
|Year of Publication||2016|
|Keywords||Computer architecture, Computer crime, Computer security, Malware, Software Engineering, Supply chain management|
Computing device vendors can introduce malware that is nearly impossible to detect with known methods, but microservice solutions can limit the negative impact. Malware contains instructions whose execution negatively impacts stakeholders, typically leading to unauthorized access and computation, data theft, loss of privacy, inability to inspect data, or prolonged downtime. A computing system's robustness to malware attacks strongly depends on the ability of the technical system and its stakeholders to either detect inactive malware before it executes or to detect active executing malware as soon as possible, before it causes serious damage. Many previous works discuss the general difficulty of detecting malware, but we focus on the ability of buyers and other legitimate stakeholders to detect malware inserted in computing devices by vendors and other insiders with access to the devices before they reach the buyers.