Abstract: Modern cybercrime activity relies largely on malware-based infrastructure, i.e. botnets and backdoors in popular services, for collecting private financial data, distributed denial of service, etc. Both industry and the academic community are making a significant effort to develop better methods and tools for accurate malware detection and prevention. In this paper we present the current research roadmap for two adjacent fields: line-speed malware detection in modern network channels, and privilege escalation prevention at the host level by means of run-time monitoring of the normal behavior of networking applications.