Pro-active anti-virus software seen to make new trend in security |
Written by Rebecca Mints |
Monday, 09 March 2009 02:17 |
Security firm AVG is setting a trend in threat detection as it introduces a new anti-virus software that uses behaviour-based approach in identifying new viruses. This new application called the AVG Identity Protection has been designed to be pro-active as it watches out for suspicious behaviours of unidentified programs and analyses its characteristics prior to entry. Once malware is suspected to be carried by the program, the software then locks the system secure by shutting down activity. Security companies have long been tying out new ways to win the battle against high-tech virus authors who are able to sneak programs onto systems and set in malicious applications. Current antivirus utilities are only able to block the entry of malware by verifying its code with a database of signatures of known viruses, an approach that is arguably ineffective in the advent of encrypted malware that are disguised as legitimate programs. With the development of the AVG Identity Protection, hopes are up that security protection extends to rigging remote attacks and updating of new virus signatures will no longer be as tedious. AVG said it was able to develop the software after acquiring the identity theft specialist Sana Security last January. “It’s time to do something different,” Roger Thompson, AVG’s chief research officer said in a statement that announces the release of the software. Two other security firms positioned themselves early in following this new trend in security. The software company Damballa will be releasing a new virus protection utility called Failsafe 3.0. Faisafe 3.0 has been described in its website as an ultimate anti-virus protection designed to discover botnet malware on computers by detecting unusual communications between a compromised system and command-and-control nodes. Like the AVG utility, Failsafe also shuts down activity once malware is suspected. Likewise, Triumfant announce it will be introducting a new software that will prevent exploits of security vulnerabilities that has remained unpatched. Developers said the new software will monitor behaviour of programs to protect the system against zero-day attacks by looking for changes in registry keys, security and port settings and performance statistics. It will then remove executable code when it detects suspicious behaviour.
|