Click here to receive your FREE subscription to Campus Technology
News
Madison, Berkeley Team Develop Malware Modeling Tool
6/8/2007
A research team from the University of Wisconsin, Madison and the University of California, Berkeley have developed virus scanning software they describe as the "next generation in malware detection."Instead of scanning for specific virus signatures, their Static Analyzer for Executables (SAFE) looks for suspicious behaviors typical of malware, such as reading an address book and sending e-mails.
Commercial scanners search programs for specific patterns, or signatures, which leaves an opening for virus programmers to disguise the virus. Each disguised variant then must be distributed and added to the virus scanners on a weekly or sometimes daily basis.
"Essentially, this is an arms race," said Somesh Jha, an associate professor of computer science at the University of Wisconsin, Madison, who, with graduate student Mihai Christodorescu, helped develop the program.
"I don't think the approaches currently being used by commercial companies are going to be sustainable," Jha told the Wisconsin Business Journal.
SAFE requires updates only when viruses exhibit new behavior. It is proactive, rather than reactive. The researchers began working on SAFE when they tested variations of four viruses on Norton and McAfee antivirus scanners and found that only the original variation of each virus was caught. SAFE caught all variations.
"[Attackers] are already becoming very sophisticated. They are using on-the-fly evasion techniques," Jha told WBJ. "As they use more sophisticated things to hide their malware, your detection has to become better and better."
Read More:
Paul McCloskey is a contributing editor for the Campus Technology group of publications.
Cite this Site
copy text (above) for proper citation
Recommended Reading
- VMware Launches Key Piece of VDI Puzzle
VMware rolled out the centerpiece of its virtual desktop infrastructure (VDI) strategy this week with the release of VMware View 3.
- Microsoft Adds Gen 4 Datacenters for Cloud Computing
Microsoft is initiating the fourth in a series of datacenter upgrades to enable its cloud computing services, according to a Microsoft blog post Tuesday. And, like everything else in the software world, being highly modular is a good thing.
- Can You Operate as a Virtual Being?
Now that we are conducting at least a part of our business of education virtually and often meeting in virtual environments, let's explore the really big question for academics in a Web 2.0 era...
- Columbia Center To Smooth Web Operations with Collaboration Suite
A college or university without a Web site is inconceivable today, but with every site comes the challenge of managing content. Some sort of automated system is a given, but how much should the site's content management system integrate with other aspects of the campus computing infrastructure?
- IBM's Pass It Along: Mapping Memes Toward A Learning Organization
How IBM's new release is following through on old challenges... big ones.
- North Idaho College To Provide Accessible Lecture Recordings for Disabled Students
North Idaho College will be implementing a new classroom capture system as part of an effort to provide accessible education to students with disabilities. The college will be using SpeakerBox from ClearSky Systems for the lecture capture program beginning in January 2009.
