In the physical world, the first thing researchers look for during an outbreak is patient zero. Where did the virus start, which places could it have reached, and which people could it have touched? In the cyber world this almost never happens, but it is just as fundamental. In reality, it does not happen that often in public health either, unfortunately, because epidemiology has so far been an extremely descriptive discipline.
Just as many other security technologies are delivering benefits through automation (for example, automated threat blocking, policy tuning, policy enforcement and reporting), technologies that automate as many steps as possible in the malware analysis process are essential. We need to be able to identify ‘the who,’ ‘the how’ and ‘the what’ quickly. Moreover, in epidemiology we need to plan optimal control strategies that stop the attack once it is detected.
The secret is really VERY EARLY DETECTION, and RAPID & OPTIMAL RESPONSE.
Stay tuned for my papers, coming soon!