1 post • joined 29 Jun 2007
Real need of Antivirus mutation
"Antivirus are dead" or whitelist approach as the substitute of the blacklist, well this is here quite excessive: what about classical users who are the champions to surf on porn sites, p2p networks or warez (video games for free)...how can they filter infected files from safe file? by an analysis with a debugger on a test environment?
The future of "Defense in dep" in any environment (home or corporate) is a combination of several technologies and security models and approaches; virtualization (in vogue, higly appreciated by "cost killers"), black list softs (antivirus, web filters), white list softwares (HIPS and anti-spam for instance), hardwares protection (antivirus in the chipset, antirootkit like Copilot), Rollback or reboot and restore softwares (DeepFreeze etc)...
But there's a fact: antivirus need to operate their mutation: an antivirus only based blacklist is not currently an interesting investment: a behvioural analysis module for instance could be a plus:
That's was demonstrated by "A-B-C" by the test of the Security Sofware Testing Alliance:
I suggest the read first of the last article: "antivirus: the antimarketing test".
Let's imagine the result with a pure antivirus..RIDICULOUS...
- NASA boffin: RIDDLE of odd BULGE FOUND on MOON is SOLVED
- Pic Mars rover 2020: Oxygen generation and 6 more amazing experiments
- Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
- Plug and PREY: Hackers reprogram USB drives to silently infect PCs
- Boffins spot weirder quantum capers as neutrons take the high road, spin takes the low