Thursday, January 04, 2007

Evolving the antimalware technology model

We have felt for some time that the traditional antispyware model has been fundamentally broken. Antispyware programs started out as niche products, marketed by mavericks such as Patrick Kolla (SpyBot), Nicolas Stark (LavaSoft), and Bob Bales and Roger Thompson (PestPatrol), and they all relied upon a brute-force method of removal.

This method revolved around analyzing the files, registry keys, processes and the like associated with a malware program and putting these values into a database along with a boatload of MD5 hashes (unique signatures generated for files). Then, this database was bolted on to a system scanner. Basically, your classic antispyware product was a giant database attached to a scanning engine.
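
The database-plus-scanner model described above, sketched as an added example that is not from the original article or from any of the products named. The signature entries, family names and sample files are all constructed, and only the file-name and MD5 indicators are modelled (registry keys and processes are left out).

```python
import hashlib
import os
import tempfile

# Constructed signature database: every family name and payload here is made up.
MD5_DB = {
    hashlib.md5(b"constructed sample payload A").hexdigest(): "ExampleAdware.A",
    hashlib.md5(b"constructed sample payload B").hexdigest(): "ExampleDialer.B",
}
NAME_DB = {
    "exampletoolbar.dll": "ExampleAdware.A",
    "dialer_helper.exe": "ExampleDialer.B",
}

def md5_of(path, chunk_size=65536):
    """Hash a file in chunks so large files are not loaded into memory at once."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def scan(root):
    """Walk root; return sorted (relative path, family, matched indicator) tuples."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            rel, file_hash = os.path.relpath(path, root), md5_of(path)
            if file_hash in MD5_DB:             # exact content match
                findings.append((rel, MD5_DB[file_hash], "md5"))
            elif name.lower() in NAME_DB:       # recorded file name only
                findings.append((rel, NAME_DB[name.lower()], "file_name"))
    return sorted(findings)

def demo():
    """Scan a constructed directory: one hash match, one name match, one clean file."""
    samples = {
        "renamed.bin": b"constructed sample payload A",  # known content
        "Dialer_Helper.exe": b"different build",         # known name only
        "notes.txt": b"harmless text",                   # not in the database
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as handle:
                handle.write(data)
        return scan(root)

if __name__ == "__main__":
    print(demo())
```

Every finding comes from a lookup against values an analyst entered beforehand, so the scanner knows only what the database lists.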

Read the entire article HERE.
