Computers Are Always At Risk When Accessing The Internet

Computers are always at risk when accessing the internet, even with a top-of-the-line anti-malware program installed. According to a study from the Web security company Dasient, between 2009 and 2010, the number of malicious websites doubled (Dasient via Chang, Venkatasubramanian, West, & Lee, 2013). This makes the fight against malware difficult. As long as the amount of malware increases, anti-malware needs to keep adapting to the changing times. Another study, conducted in September 2014 by AV-Comparatives, showed that only one of the 23 anti-malware programs they tested had a "real-world protection test" score of 100% with only 5 false positives. Conversely, seven of them allowed at least 5% of the 602 malware tested…
Not only is malware becoming more difficult to deobfuscate, but it's also utilizing new functions that are difficult to detect by these means. Therefore, anti-malware researchers should focus on other forms of detection such as CPU analyzers, holography, eigenvirus detection, differential fault analysis, the growing grapes method, and whitelist protection.

Current Malware and Ineffective Methods of Detection

Malware is getting past deobfuscation methods by utilizing packaging. A survey conducted in 2006 by Black Hat indicated 92 percent of malware has gone through a packer. Other surveys indicate a number closer to 50 percent (O'Kane et al., 2011). Despite this discrepancy in numerical data, it still shows that packaging is the most used form of obfuscation. To combat this, many anti-malware services attempt to pinpoint specific packers using signature analysis. According to O'Kane and his team at Queen University, this approach is only as good as the comprehensiveness of the unpacker's database (2011). Therefore, anything that is not in the signature database can easily bypass the anti-malware software.

Another method of detecting these packaged files is through entropy analysis. When a file is packaged, its entropy increases by a large amount. O'Kane et al. point to a study of the PE-Probe entropy analysis software, which has a detection rate of 99.6 percent for packed files (2011). However, this is only detecting that a file was
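The entropy analysis described above can be sketched as follows. This is an added example, not code from the essay or from PE-Probe; the block size, the 7.2 bits-per-byte threshold, the use of zlib as a stand-in for a packer, and the sample inputs are all assumptions made for illustration.

```python
import math
import random
import zlib
from collections import Counter

BLOCK = 4096        # bytes per window (assumed value)
THRESHOLD = 7.2     # bits/byte treated as compressed or encrypted (assumed value)

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of the byte histogram, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def high_entropy_fraction(data: bytes, block: int = BLOCK,
                          threshold: float = THRESHOLD) -> float:
    """Fraction of full-size blocks whose entropy exceeds the threshold."""
    blocks = [data[i:i + block] for i in range(0, len(data) - block + 1, block)]
    if not blocks:                      # input shorter than one block
        blocks = [data]
    hot = sum(1 for b in blocks if shannon_entropy(b) > threshold)
    return hot / len(blocks)

def looks_packed(data: bytes, min_fraction: float = 0.5) -> bool:
    """Heuristic flag only: says the bytes are dense, not that they are malicious."""
    return high_entropy_fraction(data) >= min_fraction

def build_samples():
    """Constructed inputs: a word-salad 'program' and the same bytes behind a stub."""
    rng = random.Random(2011)
    words = [b"mov", b"push", b"call", b"eax", b"ebx", b"ret", b"jmp", b"lea",
             b"GetProcAddress", b"LoadLibraryA", b"kernel32.dll", b"\x00\x00"]
    plain = b" ".join(rng.choice(words) for _ in range(80_000))
    stub = plain[:BLOCK]                        # stands in for an unpacking stub
    packed = stub + zlib.compress(plain, 9)     # zlib stands in for a packer
    return plain, packed

if __name__ == "__main__":
    plain, packed = build_samples()
    for name, blob in (("plain", plain), ("packed", packed)):
        print(f"{name:7s} size={len(blob):7d} "
              f"entropy={shannon_entropy(blob):.2f} "
              f"hot_blocks={high_entropy_fraction(blob):.0%} "
              f"flag={looks_packed(blob)}")
```

Scoring per block rather than over the whole file keeps a low-entropy stub or header from averaging away a dense payload.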