Self-defending security software

This paper describes a series of tests designed to attack security software in real time as it provides protection for applications and operating system programs on Microsoft Windows 2000 operating platforms. One security program tested fell into the Intrusion Prevention System (IPS) category of security software. A second security solution provided Anti-Viral protection and the third security program provided Anti-Malware protection for the test systems with a principal focus on Spyware and Adware detection and removal. All security programs were run in a variety of conditions including single mode, where only the security application was running through full integration modes where all security applications were running simultaneously. Security program default configurations were used in all tests. The findings indicate that none of the tested software was capable of defending itself against attacks designed to suspend and unload them from memory. As is shown, the IPS software was more robust than the other two solutions, but was easily compromised and actually created numerous false positives and misinformed the user on the running of the other security software.