Symantec updates anti-malware technologies
By Stephen Pritchard,
Information security measures based around tried-and-tested techniques are unable to cope with the growing range and volume of threats, a leading software vendor has warned.
According to Symantec, the use of virus "signatures" to identify malware is no longer enough.
Signature-based approaches worked well when most malware consisted of a single, identifiable threat that spread quickly to a large number of users. Such malware typically contained common elements of code, known as signatures, that could be picked up by anti-virus software. This, in turn, allowed quick scanning of files for malicious payloads.
But malware writers have changed the way they develop their attacks, Symantec suggests. Instead of using one piece of malware to attack millions of systems or users, they are now using individual threats. Frequently, these threats are highly customised. As a result, one signature might only detect a single threat, making signature-based scanning inefficient.
Instead, Symantec is moving to a new system to detect malicious code, based on reputation and user profiles. Software that runs on just a few systems is more likely to be deemed suspect than software that runs on millions, according to developers at the company. When it comes to profiling user traffic on the internet, users who have suffered a malware infection in the past are more likely to be infected again in the future.
The new technologies will be part of Symantec's Norton consumer anti-malware products from 2009. Other improvements will include much faster scanning of incoming files and quicker downloads and installations of the software. This, Symantec believes, will improve security for both consumers and business users, as users are less likely to cancel downloads or turn off security software, in order to improve the performance of their PCs.
One of the things people really complain about in security software, not just ours, is it is slow and heavy, said Janice Chaffin, group president, consumer business unit, at Symantec. "People have a lot of gripes about how it might slow down your system so our goal for our products is to create zero impact on performance. It is not a simple thing to do... we have had to create some new technology in the scanning area that allows us to scan less."
You may also like...
Sponsored Links
advertisement
You may also like...
Latest Security Analysis & Insight
Do British police get cyber security?
Davey Winder listens to telephone conversations between the FBI and the Metropolitan Police, courtesy of Anonymous, and isn't impressed.
- Who to trust after the VeriSign hack?
- Striving to solve the security skills crisis
- Would you employ a hacker or malware writer?
- Q&A: Raj Samani, CTO McAfee
- Erase and rewind: the EU and privacy
- My email address is [CENSORED]
- Is there such a thing as a secure tablet?
- 2011: The year in news
- BYOD: Old or new, good or bad?
Latest Security Reviews
Check Point 2210 Appliance review
Rating: 
advertisement
Most popular
- Ubuntu vs. Windows 7 on the business desktop
- York researchers heat storage to speed up data
- OneNote hits Google?s Android
- O2 trials Olympic-scale remote working
- Who to trust after the VeriSign hack?
- Lenovo beats expectations again
- BlackBerry Bold 9790 review
- Will someone rid me of these troublesome Macs?
- Google to promise fairness after Motorola buy
- Welcome to the stay-at-home Olympics
Latest News Videos in Security
IT PRO Podcast: Are UK data protection laws flawed?
PlayWe bring in two experts to talk about the problems with UK data protection law and the way it is managed.
Register for IT PRO
You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
