The amount of malware threats on the Internet has increased significantly over the past two years. New Web 2.0 tools only increase the dangers for PC users. As more kinds of devices connect to the Internet, the anti-malware industry needs to move from signature-based detection to behavior-based detection when combating malware threats. Here, Knowledge Center contributor Somesh Jha explores in detail the shortcomings and advantages of signature-based and behavior-based anti-malware approaches.
media networks are growing at an astounding rate. Facebook reportedly
has passed 160 million users worldwide. Other social networks are
growing at fast rates too. We are surrounded by fun and useful Web 2.0
technologies that help us collaborate and create our own content.
Unfortunately, this also means we face escalating security
vulnerability risks. There has recently been an unsettling increase in
the amount of malware on the Internet.
The very architecture for Web 2.0 tools that allow for greater
interactivity also open up new venues for computers and networks to be
attacked by malware.
Organizations are now using Web 2.0-based solutions and social media
networks in their workplace. There are many companies now who have
eight or more of these applications in use on their networks. This
trend of people using more Web 2.0 applications at work and at home has
increased malware attacks and corporate data leaks-and the costs to
Most collaborative and interactive Web applications require code to
are becoming part of the Internet user's everyday life. Web vendors
only need to look at the successes of Google Docs, Facebook and YouTube
to see the value in embedded programming running inside a browser. As
would be expected, this process continues to accelerate as processes
and applications follow documents and other files into the Internet
The problem in all of this is that code can be easily manipulated to
allow entry into computers or networks. With so much of the Web now
using code run in the browser to function, you cannot really just turn
the scripts off and still enjoy the utility of the Web. Browser is the
new operating system. The escalating functionality of what users can do
within their browsers means there is also an increasing number of ways
that malware can enter computers and networks-as a house becomes a
mansion and it has more windows to see out, there are also more ways
for thieves to break in.
Where once Internet users had to beware of clicking suspicious links
in e-mail or downloading unknown programs, malicious programs can now
come in many more forms. They do not always require mistaken consent to
infect a computer. Malicious code has been found operating in
advertisements running on Flash, rich HTML in e-mails and in many forms
To combat these types of threats, the industry is moving from
signature-based anti-malware to behavior-based approaches. Let's
explore these in detail.