Showing posts from June, 2008

Malware Trend in 2007

I read the report IBM Internet Security System X-Force 2007 Trend Statistics. This is a report describing trends for various threats in 2007. This team has been tracking trends since 2000. I found the report to be quite interesting. In the rest of this post, I highlight some of the interesting points from the report and what they mean in the context of malware detection.

(I) The X-Force team reports continued growth in Web browser exploitation. This clearly shows that the infection vector is shifting to the Web. Earlier, the primary infection vectors were email and the network. Therefore, for detecting malware, drive-by downloads (DBD) and other threats that attack through the Web browser need a lot of attention.

(II) X-Force also reports a marked increase in obfuscated exploits, i.e., exploits that use various code obfuscation techniques (such as encryption). Here is a quote, "X-Force estimated that nearly 80 percent of Web exploits used obfuscation and/or self decryption .