Published by Augusta Warner
© Abatis 2004-2011. HDF - the new approach in malware protection. Patent Pending Worldwide.
Abatis Security Innovations and Technologies: Ultimate Protection for your Information assets

Traditional Anti-Virus – A Busted Flush!
by Kerry Davies, Commercial Director, Abatis (UK) Ltd.
10-09-11

Background
- Computer Science degree in early ‘80s
- Security field since 1986
- Security Evaluator – Consultant – Manager – Company Founder – Director in Big 4 – Business Partner
- MSc in Information Security at Royal Holloway 2007-8 (Graduate 2009)

Why is traditional A/V a “Busted Flush”?
- What is malware?
- How does malware work?
- How does traditional A/V work?
- An alternative approach (that works!)

WHAT IS MALWARE?
- Virus, Worm, Trojan Horse, Key-Logger, Root-Kit, Logic Bomb, etc.
- Malware is a value judgement
- Malware is BIG BUSINESS for cyber criminals, cyber terrorists and hostile state actors - APTs
- Traditional anti-virus (A/V) is reactive, not proactive – infections have to occur in order for the A/V vendors to collect samples to generate A/V signatures and the antidote
- Symantec’s 2010 report announced that they had found 286 million pieces of new malware that year – traditional A/V vendors can’t keep up with this volume and the user community can’t keep taking the megabytes of signature updates that the vendors push out daily

How does Malware work?
Elements of a worm (as an example)
- Warhead: gains access to the victim’s machine
- Propagation Engine: transfers the body to the victim
- Target Selection Algorithm: looking for potential new victims to attack
- Scanning Engine: scanning across the network
- Payload: implementation of specific actions such as opening backdoors, Botnet, spyware, keylogger, rootkit …
From: “Malware – Fighting Malicious Code”, p. 79; Ed Skoudis, Prentice Hall 2004

Assessing the Threatscape
- Malware is everywhere and easily spread – nothing is safe any more
- As smart-phone use rockets and social networking explodes, we struggle to balance the need for security versus the need to share information
- Connection between the Hoover Dam and Natanz Nuclear facility in Iran?
- Consumerisation of IT - the blurring between professional and personal use of technology, mobile platforms and social networking pose serious threats
- Email spam, phishing, pharming and spear-phishing on increase
- So far in 2011, McAfee has identified 150,000 malware samples every day. One unique file almost every half second, and a 60% increase over 2010
- 19,000 new malicious URLs each day in the first half of this year. And, 80% of those URLs are legitimate websites that were hacked or compromised

Consensus in the A/V Industry

‘….With mobile menaces steadily on the rise, we can only anticipate how virulently worms can multiply, especially with the explosion of Bluetooth and the increase in workforce mobility in organisations like the NHS’

Leslie Forbes, Technical Manager, F-Secure:

“Back in the 80s, computer experts were quick to dismiss PC viruses as harmless. We need to learn from this mistake and start taking the mobile malware threat seriously. Only by taking pre-emptive measures can we equip ourselves against this pernicious and escalating menace…”

Davey Winder: Security Journalist and Consultant

“anti-virus technology can't stop targeted attacks....Anti-virus is dead because it is unable to detect attacks properly and is incapable of working on mobile devices”
Nir Zuk, founder and CTO of Palo Alto Networks to SC Magazine, September 9th 2011

According to Ken Silva, CTO of Verisign: ‘….Criminals will go where the money is," Silva told CNET News. "If you start doing things of financial interest with your mobile phone, they will find a way to get your money."

“ The security industry has ‘done a miserable job of protecting customers and industry. More than half of malware is not blocked by anti-virus, as vendors can only deal with known malware........the approach taken by most anti-virus vendors is not good enough, as most claim to block 99 per cent of known malware, but most cyber criminals use unknown variants.
M86 Security CEO John Vigouroux Speaking to SC Magazine

In 2007 ‘....there were about 200 malware threats for mobile phones and more than 250,000 viruses for Windows.
Graham Cluley, senior technology consultant at Sophos

Symantec recorded that in 2010 it saw 286 Million pieces of new malware

Effectiveness of Anti-malware solutions
Recent malware infection tactics:
- Drive-by download infection
- Fake security tool and free scanning services
- Social engineering – social networks, e.g. Facebook
- Embed malicious link in email – phishing, pharming and spear phishing type attacks
- Cracked PDF and document files – embedded link/payload
Popular AV signature-based solutions detect on average less than 19% of malware threats. That detection rate increases to only 61.7% after 30 days.
Source: Malware Detection Rates for Leading AV Solutions: A Cyveillance Analysis, 04/08/10

OTHER METHODS OF PROTECTION
- Isolation
- Avoid questionable sites, download software only from reputable sites, run an anti-virus scan on any downloaded material
- Signature Based – as last table showed, average 19% effective on day 1, max 60%, reactive
- Heuristic – reactive, signature based fuzzy pattern matching, false positives (achieves 19%)
- Reputation Based – incomplete coverage, limited, vendor specific, error prone, can be defeated
- Hashing – used as part of reputation based approach (hashes can be defeated)
- Blacklisting – seriously?
- Whitelisting – attractive in principle but a huge maintenance nightmare as hashes have to be recalculated and redistributed to every machine for every change
- Combination – what the better A/V is doing now…
- Kernel-level Control over I/O – use fundamental nature of malware as executable code and ring-based integrity mechanisms of the O/S to block storage of executable program files on the hard disk to produce a fast, reliable, non signature-based, proactive anti-malware solution

HDF - IMPLEMENTATION
[Diagram with two panels: "Without HDF protection" and "With HDF protection"]
Layers shown: Applications e.g. WinWord (User Mode / Ring 3); Operating system e.g. Windows (Kernel mode / Ring 0); Input and output control (IO Manager); HDF filter; Interface to hardware (NTFS, FAT etc); NTFS drive, C:\
Requests shown: (a) save keylog.exe; (b) save business.doc
Outcome labels: Block keylog.exe; Business.doc is not blocked
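
A user-space model of the save-time decision shown in the HDF diagram, added here as an illustration; it is not Abatis code, and the deck does not say how HDF recognises executables. Classifying by leading magic bytes with a file-extension fallback, and the names WriteRequest, classify and filter_write, are assumptions.

```python
import ntpath
from dataclasses import dataclass
from typing import Optional, Tuple

# Well-known leading bytes of executable content.
EXECUTABLE_MAGIC = {
    b"MZ": "Windows PE/DOS executable",
    b"\x7fELF": "ELF executable",
    b"#!": "script with interpreter line",
}
# Fallback when no content is available yet (e.g. an empty create).
EXECUTABLE_EXTENSIONS = {".exe", ".dll", ".sys", ".scr", ".com"}


@dataclass
class WriteRequest:
    """Hypothetical stand-in for a save request reaching the filter."""
    path: str
    first_bytes: bytes


def classify(req: WriteRequest) -> Optional[str]:
    """Return why the write looks like executable code, or None."""
    for magic, label in EXECUTABLE_MAGIC.items():
        if req.first_bytes.startswith(magic):
            return "content: " + label
    ext = ntpath.splitext(req.path)[1].lower()
    if ext in EXECUTABLE_EXTENSIONS:
        return "extension: " + ext
    return None


def filter_write(req: WriteRequest) -> Tuple[str, str]:
    """Decide before the data would reach the file system driver."""
    reason = classify(req)
    return ("BLOCK", reason) if reason else ("ALLOW", "not executable")


# Constructed sample requests (not captured data).
SAMPLES = [
    WriteRequest(r"C:\Users\a\keylog.exe", b"MZ\x90\x00"),
    WriteRequest(r"C:\Users\a\business.doc", b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"),
    WriteRequest(r"C:\Users\a\report.doc", b"MZ\x90\x00"),  # renamed executable
    WriteRequest(r"C:\Users\a\empty.exe", b""),             # no content yet
]

if __name__ == "__main__":
    for r in SAMPLES:
        print(ntpath.basename(r.path), *filter_write(r))
```

In this model business.doc is allowed purely on file type, so the decision says nothing about links or payloads embedded in documents, which the deck lists among recent infection tactics.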

PRODUCTS AND BENEFITS
- HDF Workstation
- HDF Server
- All versions of Windows from NT to latest 64 bit
- Red Hat Linux
- Mobile Platforms (future), Real Time, SCADA
- Enforce system integrity
- Stop zero day attacks and targeted attacks
- Block all unwanted software execution
- No signature updates required; fit & forget – low TCO
- No performance impact – potential improvement

HARD DISK FIREWALL (HDF)
[Diagram of HDF application areas]
Area headings: HDF CLAMPDOWN; SECURE MOBILE PLATFORMS; CRITICAL SYSTEMS PROTECTION; SECURE REAL TIME SYSTEMS; PERFORMANCE IMPROVEMENT; PROTECTION OF LEGACY EQUIPMENT
Labels shown: Tablet Devices; Windows 7 Mobile; Android; Keylogger Protection incl USB; Mobile worker Laptops e.g. Sales people; Drive-by Download protection; Embedded Systems; Safety Critical Systems; CNI & SCADA; Mission Critical Systems including Virtualised environments; Stop website defacement & secure hosted environments; Linux; Windows NT; Windows 2000; Windows XP; Windows VISTA; Battery Life Enhancement Research; Security effectiveness Improvement if used with traditional A/V; Faster if used w/o A/V or on-demand only scanning

Questions
Kerry Davies
Abatis (UK) Ltd
Royal Holloway Enterprise Centre
Royal Holloway University of London
Egham, Surrey TW20 0EX
Tel: +44 (0) 7767 240799