Friday, June 6, 2008

Malware Trend in 2007

I read the report IBM Internet Security System X-Force 2007 Trend
Statistics. This is a report describing trends for various threats in 2007.
This team has been tracking trends since 2000. I found the report
to be quite interesting. In the rest of this post, I highlight some
of the interesting points from the report and what they mean in the
context of malware detection.

(I) The X-Force team reports continued growth in Web browser exploitation. This
clearly shows that the infection vector is shifting to the Web; earlier,
the primary infection vectors were email and the network. Therefore,
malware detection needs to pay a lot of attention to drive-by downloads (DBD) and other threats that attack through the Web browser.

(II) X-Force also reports a marked increase in obfuscated exploits, i.e.,
exploits that use various code obfuscation techniques (such as encryption).
Here is a quote, "X-Force estimated that nearly 80 percent of Web exploits
used obfuscation and/or self decryption ... By the end of 2007, X-Force
believed this rate had reached 100 percent, ...". This means that going
forward, Web exploits will increasingly harbor indiscernible code, rendering signature-based techniques less effective. Advanced
techniques (such as behavior-based detection) are clearly needed to detect
such malware. To exacerbate the situation, the X-Force report stated that
there was a 30% increase in new malware samples in 2007 over 2006. This
further drives home the point that signature-based detectors will have trouble
keeping up with the volume of malware, as they cannot detect new threats.
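
An added example, not part of the original post or the X-Force report, showing why a self-decoding script slips past a source-text signature while a behavior monitor still sees what it does. The `legacyPlugin.loadFrom` API, the URL, and all sample scripts are constructed and harmless; the XOR stub stands in for the obfuscation the report describes.

```javascript
// Constructed, harmless stand-in for an exploit body: one call to a hypothetical API.
const plain = 'legacyPlugin.loadFrom("http://example.invalid/a");';
const benign = 'var total = 1 + 2;';

// Signature a static scanner would match in the page source.
const SIGNATURE = /legacyPlugin\.loadFrom\(/;

// Build a self-decoding variant: XOR-encoded bytes plus a stub that decodes and evals them.
function selfDecodingVariant(script, key) {
  const bytes = Array.from(script, (c) => c.charCodeAt(0) ^ key).join(',');
  return `var d=[${bytes}],s="";for(var i=0;i<d.length;i++)` +
         `s+=String.fromCharCode(d[i]^${key});eval(s);`;
}

// Static detection: look for the known pattern in the source text.
function signatureScan(source) {
  return SIGNATURE.test(source);
}

// Behavior detection: run the script against an instrumented stand-in for the
// sensitive API and record what it does, however the text was encoded.
// new Function is NOT a sandbox; acceptable here only because the samples are constructed.
function behaviorScan(source) {
  const events = [];
  const legacyPlugin = {
    loadFrom(url) { events.push({ api: 'legacyPlugin.loadFrom', url: String(url) }); },
  };
  try {
    new Function('legacyPlugin', source)(legacyPlugin);
  } catch (err) {
    events.push({ api: 'error', message: String(err.message) });
  }
  return events;
}

function analyze(source) {
  const events = behaviorScan(source);
  return {
    signatureHit: signatureScan(source),
    behaviorHit: events.some((e) => e.api === 'legacyPlugin.loadFrom'),
    events,
  };
}

const samples = { benign, plain, packed: selfDecodingVariant(plain, 0x5a) };
for (const [name, src] of Object.entries(samples)) {
  const r = analyze(src);
  console.log(name, 'signature:', r.signatureHit, 'behavior:', r.behaviorHit);
}
```

Changing the key yields different source text with the same runtime behavior, so a signature written against one encoded variant does not match the next.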

(III) There was another very interesting point made by the report. Modern
malware combines features from various types of classic malware (such as viruses, worms,
and spyware), pulling the successful features of each into new strains. To quote the report, "Modern malware is now the digital equivalent
of the Swiss Army knife, and 2007 data continues to support this." This trend
also indicates that the behavior of malware is becoming more sophisticated, which
again supports my claim that detection techniques based on analyzing behavior are
better suited to handle malware of the future. Another interesting tidbit from the
report: "Trojans make up the largest class of malware in 2007 as opposed to downloaders,
which were the largest category in 2006." Recall that a Trojan appears to be a
legitimate file with some hidden functionality (for example, that of a rootkit).
Trojans are historically a problematic class of malware for signature-based
detection.

Overall, I found the report to be very interesting. Read it for yourself.
You can find the report here.

38 comments:

alice said...

Hey, I am a newcomer in the security area. I found your blog quite helpful. Keep writing!
I agree that signature-based methods are less effective for polymorphic viruses. But I am not quite sure how behavior-based detections work. Could you provide some examples?

love said...

Your article gives me a special feeling. Keep it up~~

累了 said...

Only by asking questions can one become learned.

努力 said...

THANKS FOR YOUR SHARING~~~VERY NICE

春天來嚕 said...

thanks

玉苓 said...

THANKS FOR YOUR SHARING~~~VERY NICE

志文志文 said...

A very carefully written blog, thumbs up

珮瑜珮瑜 said...

thanks

子珠 said...

Reading blogs to lift my mood, then back to work. Keep it up, everyone.

孟軒 said...

Great sharing~ Please forgive me if I have disturbed you!

智能 said...

All roads lead to Rome. Stick to what you have chosen!

佳慧 said...

There is no road that cannot be traveled, no difficulty that cannot be overcome, and no enemy that cannot be defeated.

于呈均名 said...

Only those who speak with a smile can shoulder great responsibility.

陳卓人 said...

Discouragement is the beginning of wavering, and wavering is the close neighbor of failure.

俊宏 said...

Many a true word is spoken in jest.

Elvis湘均Kasp湘均 said...

It is easier to get than to keep it.

江婷 said...

Appreciation is a virtue~ A reply is the greatest support ^^

AlphonseH_Va哲維 said...

Carl Sandburg: "Nothing happens unless first a dream." Let us encourage one another!

玉婷良DGFHFJ瑋黃吳 said...

Reading your blog posts is truly a pleasure!

新順 said...

With a bad temper and a sharp tongue, no matter how kind your heart is, you are not a good person~~~

筱涵 said...

A stitch in time saves nine.

陳明陽陳明陽 said...

Riches serve a wise man but command a fool.

KyungBivo中如 said...

Many a little makes a mickle.

吳庭 said...

Knowledge can be passed on, but wisdom cannot. Each person must become himself.

郭張淑惠致邦 said...

It is easier to get than to keep it.

吳家達張怡萱張怡萱 said...

Not bad~ Your blog is excellent~

琳楊楊義 said...

Learning makes life sweet.

家唐銘 said...

Never put off till tomorrow what may be done today.

張鴻黃淑娟水 said...

A man and a woman who delight in each other may not stay together for life; being in love is beautiful in itself.

胤志文志文志文富 said...

The article may be ordinary, but it means a lot~~^^~~

恩宛玲如 said...

The best gift in life is a part of yourself.

守何何何韋 said...

Thanks for the delicious chicken soup for the soul.

立和辛和胡辛和辛偉 said...

Reading articles for a change of mood, and cheering you on too.

Hollis Strong said...

Very nice post. Thanks for sharing this with us. But can you provide some more details about Internet Safety?

Ross Taylor said...

Excellent and very interesting article, your blog is very helpful for me. Thanks for sharing the information about malware trends. It's less effective for polymorphic viruses. Can you provide some more details about Internet Safety? That's more beneficial for me and some other people.