
Behavioural analysis needed to combat web 2.0 threats.

PC Tools : 18 July, 2007  (Technical Article)
Signature-based detection cannot cope with the onslaught of new malware releases through web 2.0, according to PC Tools.
PC Tools' new advanced research team in Boulder, Colorado - which focuses on behavioural technologies - has identified a number of key trends that render signature detection ineffective in combating current and future malware threats.

"The security space is changing rapidly. We are witnessing a major shift in the anti-malware marketplace moving into a new era of Malware 2.0," said Kurt Baumgartner, Chief Threat Officer. "We are now dealing with zero-minute, rather than just zero-day exploits that have the potential to further evade signature detections," said Baumgartner.

The three key trends identified include:

* Malware variants are now released at immense rates, driving up sample volumes and making it almost impossible for researchers to keep on top of updates using manual analysis. These threats are taking advantage of the non-detection sweet spot where they can freely propagate and infect before anti-malware companies can respond.

* New compilers and other techniques are being used to make threats more difficult, if not impossible, to detect with traditional signature-based systems. This technique relies on advanced server-side systems to create completely unique threats each time, devoid of the commonalities required for signature detection to be effective.

* "Micro-malware" - thousands of malware variants - is in circulation, with each variant focusing its attacks on a smaller group of PCs, making it less likely to attract the attention of security vendors. As a result, malware is spreading in epic proportions and security vendors are being forced to triage the samples.

"These three key trends demonstrate that, just as the internet has moved into the Web 2.0 phase, the security space is moving into a new era of Malware 2.0. The real challenge for security vendors is in identifying new ways to detect the behaviour of malware. Signature identification alone is ineffective in protecting consumers," said Baumgartner.

"PC Tools are at the forefront of behavioural innovations with a number of new and advanced technologies, allowing us to stay on top of these emerging trends," said Baumgartner.

With the spyware industry estimated to be worth billions of dollars, there are significant incentives for malware authors to develop techniques to avoid detection.

"We estimate that one-in-five users with major anti-virus products already installed on their computers are still vulnerable to these new and emerging threats," Baumgartner said.

"The results of internal testing on the most commonly used security software found that the addition of behavioural detection increased the effectiveness of traditional antivirus technology by up to 126%. In every case, each of the popular products tested missed a large quantity of in-the-wild threats active on users' PCs," Baumgartner said.

Current awards include: PC Magazine Best Anti-Spyware 2005, Editor's Choice 2006; Windows XP Magazine, Editor's Choice; PC Pro Recommended 2006, A List product; PC Answers Editor's Choice 2006; PC Advisor Gold award 2006; PC User 'Top Buy' 2006; Computer Shopper Best Anti-Spyware of 2006. We have also received Virus Bulletin and Checkmark Certification 2007.
