Experts laud heuristic detection as necessary backup to signature-based solutions
Wednesday, January 6, 2010
Anti-virus programming experts say that behavioral or heuristic detection of malware will become increasingly important to safeguarding computer systems, as modern malware becomes more and more difficult to detect using traditional methods.
Many advanced malicious programs are what researchers refer to as polymorphic, in that they can alter themselves on the fly or allow cyber criminals to alter them before use. Since most standard anti-virus software uses exact code signatures to identify known malicious software, these minor changes help the programs evade those signature-based options.
However, heuristic detection can help identify those polymorphic malware programs by ignoring the exact code they contain and looking instead for threatening behavior, according to PC World. Examples of this would include self-encryption and decryption, attempts to connect to remote servers for instructions, or any behavior characteristic of malware.
Some research takes the heuristic concept even further: Wake Forest University experts have designed a system modeled on a swarm of ants to detect and isolate harmful software, using what they call a "swarm intelligence" concept, according to Help Net Security.
Related News:
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
Report: 'At least 34' firms attacked at the same time as Google - 1.15.2010
The Washington Post asserts that many U.S. companies were targeted in the same network security and email breach that affected Google and provoked the company's highly publicized spat with the Chinese government.
|
