Traditional Malware Scanning Techniques Losing Relevance

According to security firm Symantec, traditional information security solutions are proving ineffective in addressing the mounting level and range of online threats, as reported by ITPRO in May 2008.

The warning issued by Symantec in May 2008 is now turning out to be true, corresponding to the inadequate defense provided by typical signature-based procedure to detect the viruses and other malicious content. On the contrary, cyber criminals are constantly discovering new versions of spyware and viruses.

Jerry Egan, Director of Product Management at security technology and response department of Symantec, stated that the signature-based detection method is absolutely outdated, as reported by ComputerWorld on December 15, 2008.

Security experts told that signature-based scanning is effective in the cases where majority of malware include a single, detectable risk, which tend to spread rapidly to a large volume of users. These malware contain common code elements called "signatures" that can be easily detected by the antivirus software. Thus, files can be quickly scanned for malicious contents.

However, now the scenario has changed drastically as everyday about 12,000 new species of malware are being detected that should be immediately removed. But signature-based scanning technique is completely ineffective in eradicating them.

Another complication related to malware detection is that it infects about 20 to 30 computers before mutating. It implies that there may be another malware-variant residing next door to a user, according to Egan.

Moreover, the perspective of Symantec is nothing different from that of other security firms.

Senior Product Marketing Manager at Kaspersky Lab, Peter Beardmore, reported that in 2008, malware volume alone has gone up by 700% from 2007, as reported by NETWORKWORLD on December 12, 2008. This clarifies that the signature-based traditional scanning approach is facing a tough challenge.

John Maddison, Vice President of Core Technology Solutions at Trend Micro, also agrees with the growing sophistication of malware. He said that in this era of malware plague, when signature files are downloaded and stored on PC itself, signature-based scanning has become quite tough, as reported by NETWORKWORLD on December 12, 2008.

Maddison further added that with a constant increase, new signatures per hour will attain the level of 25,000 by 2015.

Related article: Traditional Hackers Eyeing Apple’s iPhone

» SPAMfighter News - 12/25/2008