Security software vendors are finding their life extremely tough against computer attacker because they are able to find new ways to inject harmful code into computers, stealing data, running scripts from remote computers. installing Trojan and doing a number of malicious activities. Because of the fact that Malicious software writer developing a good number of virus programs making very hard for antivirus programs to detect them and remove from the computers.
Most of the security software available till date use a virus database to detect and remove the virus and unwanted programs from computer. All antivirus programs require a signature list of virus programs in order to detect them This process have a number of disadvantage like first security vendors have to include new virus programs into their definition database and then push that definitions towards the computers across the globe. This complete process will take minimum of 24 hours and this much of time is good for an attackers perform a sufficient amount of damage.
Security software vendors are focusing on behaviour based approach for identifying a new virus programs. Behaviour based approach focus on some suspicious activities such as an executable program trying to write data on restricted memory location or trying to access operating system resources.
Antivirus provider AVG is introducing AVG Identity Protection, software that analyzes the behaviour and characteristics of programs running on a computer and shuts down activity that looks suspicious. The software is based on technology the firm acquired when it bought identity theft specialist Sana Security in January.
Failsafe 3.0 is another product from Damballa, that that is designed to discover botnet malware on computers by listening for communications between compromised systems and command-and-control nodes controlled by attackers on the Internet.
intersting article