View Poll Results: Are the days of Signature based security software numbered ?

Voters: 6
  • Yes: 2 (33.33%)
  • No: 1 (16.67%)
  • Don't know: 3 (50.00%)

Thread: Are the days of Signature based security software numbered ?

  1. #1
    HappyAndyK (Site Administrator)
    Join Date: Jun 2008
    Posts: 7,572

    Are the days of Signature based security software numbered ?

    Signature-based malware scanning, as we know it, will decline in effectiveness, imo!

    The days of definition-based internet defense may well be numbered, but still, at this point only a few of today's security suites include "BEHAVIOUR-BASED" protection!

    ZoneAlarm and Panda TruPrevent, apart from Prevx, were among the first to have behavior-based solutions that block malware by its bad behavior. Just on the basis of this strength, Panda blocks up to 90 percent and ZASS up to 70 percent of network and e-mail worms!

    Behavior-based protection is different from heuristics, a technique that looks for suspicious patterns in executable code.

    Existing anti-virus software uses a signature database to identify a virus. Many now use heuristics, of which NOD32 is said to have strong heuristic defenses.

    The "signature" of the "BEHAVIOUR-BASED" security software, is a binary string in a particular sequence. This is said to be unique to each virus. A signature based technology identifies the virus, based on the presence of this particular string, in an executable file. Once the string is found, the virus is identified & the software removes or blocks the malware file.

    The advantage is it can detect new threats, based on their behaviors, before a menace is identified and assigned a threat signature and name. The drawback of behavior based security software is that it can generate a much higher level of false alerts.

    What do you think? Will signature-based security software continue to rule the roost ... or will the hybrids take over ... or will times change?



    Would love to learn more on this
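
The signature matching described in post #1 (a byte string searched for inside a file), as an added example that is not part of the original thread. The signature names, byte patterns, the `??` wildcard syntax and the sample buffers are all constructed for illustration; the variant buffer shows why an exact-byte signature stops matching once a signed byte differs.

```python
from typing import List, Optional, Tuple

# Constructed signature database (not real malware signatures).
# Hex bytes; "??" is a wildcard that matches any byte (illustrative assumption).
SIGNATURES = {
    "Example.Worm.A": "de ad be ef ?? ?? 13 37",
    "Example.Dropper.B": "c0 ff ee 00 ba be",
}

def compile_sig(pattern: str) -> List[Optional[int]]:
    """Turn 'de ad ?? 37' into [0xde, 0xad, None, 0x37]."""
    return [None if tok == "??" else int(tok, 16) for tok in pattern.split()]

def find_sig(data: bytes, sig: List[Optional[int]]) -> int:
    """Return the offset of the first match of sig in data, or -1."""
    for off in range(len(data) - len(sig) + 1):
        if all(b is None or data[off + i] == b for i, b in enumerate(sig)):
            return off
    return -1

def scan(data: bytes) -> List[Tuple[str, int]]:
    """Return (signature name, offset) for every signature found in data."""
    hits = []
    for name, pattern in SIGNATURES.items():
        off = find_sig(data, compile_sig(pattern))
        if off != -1:
            hits.append((name, off))
    return hits

# Constructed sample buffers standing in for file contents.
PADDING = b"\x00" * 16
KNOWN = PADDING + bytes.fromhex("deadbeef01021337") + b"\x90" * 8
# Same bytes with the last signed byte changed: the signature no longer applies.
VARIANT = PADDING + bytes.fromhex("deadbeef01021338") + b"\x90" * 8
CLEAN = b"plain document text with no signed byte sequence"

if __name__ == "__main__":
    for label, buf in (("known", KNOWN), ("variant", VARIANT), ("clean", CLEAN)):
        print(label, scan(buf))
```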

  2. #2
    seti (Member)
    Join Date: Nov 2008
    Posts: 1,923

    Thanks Andy for this. Personally I've been thinking for some time that the more virus applications change, the more changes will be needed in the antivirus programs to meet that challenge. I think I remember reading somewhere that Microsoft had started to push AV vendors to change from signature-based ones, but I cannot remember where. I think that the only way that we are going to get on top of things is by going the behaviour route.

  3. #3
    leofelix (Member)
    Join Date: Oct 2008
    Location: Italy
    Posts: 1,668

    I do not know.
    I personally tested Panda Internet Security 2009 with TruPrevent enabled: most of the rootkits, viruses and spyware were not detected, or Panda simply warned me there were some infections with no action.
    The system slowed down in return.
    I cannot trust Spanish Panda.
    I have to say that I was impressed by ThreatFire free, which detected many samples of malware running in memory and allowed me to stop and kill malicious processes easily.

    However, I still keep on using NOD32, Kaspersky or Avira.
    Many thanks
    Last edited by leofelix; 15th February 2009 at 23:56.
