www.expresscomputeronline.com WEEKLY INSIGHT FOR TECHNOLOGY PROFESSIONALS
05 March 2007  

Under pressure

Time was when deploying an anti-virus gateway was considered state-of-the-art when it came to information security. Those days are long gone. Threats are barrelling down, fuelled by a lethal combination of technology, social engineering and a ruthless intent to steal and destroy. We are facing a perfect storm of threats.

The answer to this isn’t getting definitions out to users faster; we’ve already done that. Today’s anti-virus/spam/whatever tools already pull down definition updates once, or more than once, every single day. That’s not enough when threats mutate faster than a chameleon changing its skin tone.

Security set-ups are feeling the heat as blended threats fall like acid rain eating into the shields that most organisations have set up

What we need is smarter protection. If users don’t have the time to spend on worrying about protecting their equipment, then it’s a job for software with a little bit of Artificial Intelligence (AI). AI techniques have been used in various types of software with good results. It’s about time that somebody applied them to security. To begin with, how about a piece of software that learns from threats and figures out all possible permutations and combinations of threats coming over different attack vectors? While some anti-virus companies have offered solutions that incorporate heuristics, these are limited to scanning for viruses. What’s needed is software that can spot a Trojan piggy-backing on a phishing scam or vice-versa.

At the OS level, Vista’s UAC has the right idea, but the implementation nags you too often to be of much use. Chances are that anybody who knows how to will turn UAC off or just blindly click past the prompts.

A modified version of UAC that prompts you only in those situations that are actually dangerous rather than when you try to change the wallpaper would help.

Does this mean that anti-virus/spam/whatever is useless? No, these tools still have an important task to perform. What is needed is a piece of software that sits on top of all the security tools that exist on a system and makes them play together as a team. Think of it as a software coach that gets the best from individual players. Windows XP SP2 and beyond have a basic version of this. It’s called the security centre and it warns you if your anti-virus is out of date. What’s needed is something that goes beyond this: it scans every new file that’s downloaded using every scanner on your system (anti-virus, anti-spyware) and combines the results to catch every single threat before it can make a hash of your system. If a threat gets through this layer, there should be a second layer that catches any executable that runs without the user being aware of it. To avoid false alerts, a list of known OS functions could be kept and every new process could be compared against it. This list could be updated online.
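The two layers proposed above, as an added Python example that is not part of the original column: layer one runs every scanner over a download and combines the results, layer two compares a process the user did not start against a known-good list. The scanner functions, marker strings and the SHA-256 allowlist are constructed assumptions, and blocking when a scanner fails is a choice made here, not something the column specifies.

```python
import hashlib
from dataclasses import dataclass, field

@dataclass
class Verdict:
    blocked: bool
    flagged_by: list = field(default_factory=list)  # scanners that reported a threat
    failed: list = field(default_factory=list)      # scanners that raised an error

def scan_download(data: bytes, scanners: dict) -> Verdict:
    """Layer 1: run every installed scanner and combine the results.
    One detection is enough to block; a failed scanner also blocks (assumption)."""
    flagged, failed = [], []
    for name, scan in scanners.items():
        try:
            if scan(data):
                flagged.append(name)
        except Exception:
            failed.append(name)
    return Verdict(bool(flagged or failed), flagged, failed)

def check_process(image: bytes, user_initiated: bool, allowlist: set) -> str:
    """Layer 2: a process the user did not start must match the known-good list."""
    if user_initiated:
        return "allow"
    digest = hashlib.sha256(image).hexdigest()
    return "allow" if digest in allowlist else "alert"

# Constructed stand-ins for real engines: each looks for one marker string.
def toy_antivirus(data): return b"FAKE-VIRUS-MARKER" in data
def toy_antispyware(data): return b"FAKE-SPYWARE-MARKER" in data
def broken_scanner(data): raise RuntimeError("definitions missing")

SCANNERS = {"antivirus": toy_antivirus, "antispyware": toy_antispyware}
OS_BINARY = b"constructed bytes standing in for a known OS executable"
ALLOWLIST = {hashlib.sha256(OS_BINARY).hexdigest()}  # the list the column would update online

if __name__ == "__main__":
    blended = b"invoice text FAKE-SPYWARE-MARKER more text"  # constructed sample
    print(scan_download(blended, SCANNERS))
    print(check_process(OS_BINARY, False, ALLOWLIST))
    print(check_process(b"unknown executable", False, ALLOWLIST))
```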

Unless something on these lines is delivered, and soon, PC users are in for a world of trouble.

prashant.rao@expressindia.com

© Copyright 2001: Indian Express Newspapers (Mumbai) Limited (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by the Business Publications Division (BPD) of the Indian Express Newspapers (Mumbai) Limited. Site managed by BPD.