What's next - prediciting the future by looking at the past

Alex Shipp MessageLabs

There are very few viruses that are truly innovative - most build in some way on viruses that have gone before. This gives heuristic anti-virus software a very good chance of catching new viruses, if they can recognise the code or techniques that have been used before.

This paper looks at some of the techniques MessageLabs uses to follow trends in virus writing. By analysing real-world data, it is possible to predict what is likely to happen in the future, and allocate appropriate resources to investigate possible detection strategies.

del.icio.us

digg this

VB Conferences


	VB2013 (Berlin) VB2012 (Dallas) VB2011 (Barcelona) VB2010 (Vancouver) VB2009 (Geneva) VB2008 (Ottawa) VB2007 (Vienna) VB2006 (Montréal) VB2005 (Dublin) VB2004 (Chicago) VB2003 (Toronto) VB2002 (New Orleans) Photos Programme VB2001 (Prague) VB2000 (Orlando) VB99 (Vancouver) VB98 (Munich) VB97 (San Francisco) VB96 (Brighton) VB95 (Boston) VB94 (Jersey) VB93 (Amsterdam) VB92 (Edinburgh) VB91 (Jersey) ‘This was my first VB - it will definitely not be the last!!’

Quick Links

Poll

The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Leave a comment
View 11 comments

Malware Prevalence

Autorun
Encrypted/Obfuscated
Heuristic/generic
Sality
Zbot

View this month's full report

Virus Bulletin currently has 224,243 registered users.

Fighting malware and spam

What's next - prediciting the future by looking at the past

VB2013 (Berlin)

VB2012 (Dallas)

VB2011 (Barcelona)

VB2010 (Vancouver)

VB2009 (Geneva)

VB2008 (Ottawa)

VB2007 (Vienna)

VB2006 (Montréal)

VB2005 (Dublin)

VB2004 (Chicago)

VB2003 (Toronto)

VB2002 (New Orleans)

VB2001 (Prague)

VB2000 (Orlando)

VB99 (Vancouver)

VB98 (Munich)

VB97 (San Francisco)

VB96 (Brighton)

VB95 (Boston)

VB94 (Jersey)

VB93 (Amsterdam)

VB92 (Edinburgh)

VB91 (Jersey)