January 24, 2013

Technical Update: Raising the Bar for Anti-Malware Detection


A new level of sophistication in exploit tool kits has emerged. These tool kits cleverly circumvent most security detection techniques, such as traditional signature and malicious mobile code analysis, as noted recently in the press. New anti-malware technology includes full browser emulation capability that leaps ahead of exploit tool kits, zero-day threats, and similar malware.

Today's web browser environments provide powerful scripting functionality to create feature-rich, user-friendly, and customizable browsing experiences through dynamic web content. Unfortunately, this also creates an excellent environment for cybercrooks to create web scripts that appear innocuous but carry malicious code designed to ultimately infect the user's computer. Malicious JavaScript may conduct reconnaissance on the PC, checking the browser and the availability and versions (or patch levels) of plug-ins such as Adobe Reader, Flash Player, or .NET Framework, to determine the next steps of the attack that will ultimately gain control of the PC.

The intent of malicious JavaScript that either changes dynamically during browser execution or changes quickly on the server side (via polymorphism) will often go undetected by current technologies. Simply evaluating JavaScript and other malicious mobile code for visible known patterns would not flag these obfuscated scripts as malicious in their own right. Only patent-pending emulation capability can reveal the real-world effects caused by active web content under analysis.
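The gap between pattern matching and emulation described above can be shown with a small added example (not code from the paper or from any product it describes). The sample script, the zero-size-iframe signature, and the stub `document` and `navigator` objects are all constructed assumptions.

```javascript
// Constructed sample: the markup it writes exists only as character codes,
// so the signature below never matches the script's source text.
const hidden = '<iframe src="http://landing.example.invalid/" width="0" height="0"></iframe>';
const SAMPLE =
  'var c=[' + [...hidden].map(ch => ch.charCodeAt(0)).join(',') + '];' +
  'var s="";for(var i=0;i<c.length;i++){s+=String.fromCharCode(c[i]);}' +
  'if(navigator.plugins.length>=0){document.write(s);}';

// Hypothetical signature for a zero-size iframe, as a pattern scanner might carry.
const SIGNATURES = [/<iframe[^>]*(width|height)="0"/i];
const matchesSignature = text => SIGNATURES.some(re => re.test(text));

// Static analysis: inspect the script exactly as delivered.
function staticScan(source) {
  return matchesSignature(source);
}

// Emulation: run the script against stub browser objects and record its effects.
function emulate(source) {
  const events = [];
  const document = { write: html => events.push({ type: 'write', data: String(html) }) };
  const navigator = {
    userAgent: 'EmulatedBrowser/1.0',
    get plugins() {
      // Reading the plug-in list is the reconnaissance step; log it.
      events.push({ type: 'probe', data: 'navigator.plugins' });
      return [];
    },
  };
  // new Function is not an isolation boundary; acceptable only for this inert sample.
  new Function('document', 'navigator', source)(document, navigator);
  return events;
}

// Apply the same signature to what the script does rather than how it looks.
function behaviouralScan(source) {
  return emulate(source).some(e => e.type === 'write' && matchesSignature(e.data));
}

console.log('static match:  ', staticScan(SAMPLE));
console.log('emulated match:', behaviouralScan(SAMPLE));
console.log('observed:', emulate(SAMPLE).map(e => e.type).join(', '));
```

A production emulator would execute untrusted script in an isolated process with a far more complete browser object model than these two stubs.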


