Madison, Berkeley Team Develop Malware Modeling Tool

6/8/2007

A research team from the University of Wisconsin, Madison and the University of California, Berkeley has developed virus scanning software they describe as the "next generation in malware detection."

Instead of scanning for specific virus signatures, their Static Analyzer for Executables (SAFE) looks for suspicious behaviors typical of malware, such as reading an address book and sending e-mails.

Commercial scanners search programs for specific patterns, or signatures, which leaves an opening for virus programmers to disguise the virus. Each disguised variant then must be distributed and added to the virus scanners on a weekly or sometimes daily basis.

"Essentially, this is an arms race," said Somesh Jha, an associate professor of computer science at the University of Wisconsin, Madison, who, with graduate student Mihai Christodorescu, helped develop the program.

"I don't think the approaches currently being used by commercial companies are going to be sustainable," Jha told the Wisconsin Business Journal.

SAFE requires updates only when viruses exhibit new behavior. It is proactive, rather than reactive. The researchers began working on SAFE when they tested variations of four viruses on Norton and McAfee antivirus scanners and found that only the original variation of each virus was caught. SAFE caught all variations.

"[Attackers] are already becoming very sophisticated. They are using on-the-fly evasion techniques," Jha told WBJ. "As they use more sophisticated things to hide their malware, your detection has to become better and better."

Paul McCloskey is a contributing editor for the Campus Technology group of publications.

Cite this Site

Paul McCloskey, "Madison, Berkeley Team Develop Malware Modeling Tool," Campus Technology, 6/8/2007, http://www.campustechnology.com/article.aspx?aid=48452
