Here’s the abstract:
Anti-Virus is, it seems, an ex-parrot.
We’ve seen so many announcements of the death of anti-virus we’ve taken
to carrying black ties around with us, ready for the next one. This
paper probably won’t have much impact on the ludicrously funereal tone
of some commentary, but will take an informed look at the reasons most
often given for the imminent demise of the AV industry, in the hope
of achieving a balanced view of the present role and future evolution of
malware analysis. Reports of the (near-) death of static signature
detection may not be exaggerated, but anti-malware technology has moved
far beyond simple signatures. We consider in depth the accuracy of some
of the basic contentions that keep turning up ad infinitum in memoriam…

- Conclusions based on detection testing and pseudo-testing statistics
- Anti-virus is ok if you don’t have to pay for it
- Heuristic detection has gone the way of the static signature
- Spammed out malware is less important than targeted malware
- New (mobile) platforms require new defensive paradigms

Catching or blocking malware is just part
of the security challenge, at home or in the workplace, and malware
detection is a very different technology to what it was 20 years ago,
but does that mean it’s obsolescent? We look at the three primary
functions of AV:

- protection in the form of proactive detection and blocking through a range of heuristic, reputational and generic countermeasures
- detection of known malware
- remediation where something is detected and has managed to gain a foothold

We contend and demonstrate that while
emphasis has undergone an irreversible shift from detection by
signature, to remediation of signature-detected malware, to more generic
detection by technologies such as heuristics, behaviour analysis, and
reputation, a complete solution addresses all those issues. AV is
dead, or at best comatose: at any rate, self-replicating malware is a
small part of a much larger problem, while signature detection is
primarily a fallback technology that helps with remediation rather than a
primary layer of protection.

Anti-malware technology moved on long
ago. Customer and media perception, though, has lagged way behind. Could
it be that when other sectors of the security industry, driven by
commercial agendas, engage in inaccurate and at best misinformed anti-AV
commentary, that they are also putting their own interests and those of
the community at large at risk? Would a world without the mainstream
anti-malware industry be such a good place to live?