Madison, Berkeley Team Develop Malware Modeling Tool
6/8/2007
By Paul McCloskey
A research team from the University of Wisconsin, Madison and the University of California, Berkeley has developed virus-scanning software they describe as the "next generation in malware detection."
Instead of scanning for specific virus signatures, their Static Analyzer for Executables (SAFE) looks for suspicious behaviors typical of malware, such as reading an address book and sending e-mails.
Commercial scanners search programs for specific patterns, or signatures, which leaves an opening for virus programmers to disguise the virus. Each disguised variant then must be distributed and added to the virus scanners on a weekly or sometimes daily basis.
"Essentially, this is an arms race," said Somesh Jha, an associate professor of computer science at the University of Wisconsin, Madison, who, with graduate student Mihai Christodorescu, helped develop the program.
"I don't think the approaches currently being used by commercial companies are going to be sustainable," Jha told the Wisconsin Business Journal.
SAFE requires updates only when viruses exhibit new behavior. It is proactive, rather than reactive. The researchers began working on SAFE when they tested variations of four viruses on Norton and McAfee antivirus scanners and found that only the original variation of each virus was caught. SAFE caught all variations.
"[Attackers] are already becoming very sophisticated. They are using on-the-fly evasion techniques," Jha told WBJ. "As they use more sophisticated things to hide their malware, your detection has to become better and better."
Paul McCloskey is a contributing editor for the Campus Technology group of publications.
Paul McCloskey, "Madison, Berkeley Team Develop Malware Modeling Tool," Campus Technology, 6/8/2007, http://www.campustechnology.com/article.aspx?aid=48452