More Calls For Behavior-Based Virus Fighting

from the of-course dept

It's no surprise to see this article so soon after such a major virus outbreak. People are wondering, yet again, how come our anti-virus systems work in a reactive way - after discovering a virus, pushing out an updated virus definitions file to protect subscribers. The problem, of course, is that this only happens well after the virus is in circulation. So, once again, we get calls for more pro-active, behavior-based anti-virus protection. Since the last big virus outbreak, a few such products have started appearing on the market. Though the initial offerings are mostly focused on enterprise users, they're likely to trickle down pretty rapidly. Still, I stand by my earlier prediction that behavior-based virus fighting will have unintended consequences. First, it will end up blocking/stopping certain legitimate behaviors that the system interprets incorrectly as virus activity. Second, it will just encourage virus writers to adapt and start writing viruses that piggyback on legitimate uses in order to sneak past the filters. It's pretty clear that current anti-virus methods aren't working, but behavior-based anti-virus fighting may not be the best solution either.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Matt, 30 Jan 2004 @ 5:34am

    No Subject Given

    in any case I would think that most antivirus companies faced with:
    a) write whizzbang software that solves all virus problems forever
    or
    b) have a tasty monthly revenue from people downloading updates to signature files
    are going to go with b) even if a) were possible

    link to this | view in thread ]

  2. identicon
    aNonMooseCowherd, 30 Jan 2004 @ 7:47am

    mind-reading virus detection

    "Behaviour patterns"? I supposed he would treat any program that deletes files as a virus because that's one behavior of a virus. Sounds like he's asking for software that can read minds.

    link to this | view in thread ]

  3. identicon
    Mikester, 30 Jan 2004 @ 10:26am

    Not likely

    I would imagine in order for this to work, the AV software would have to reverse-engineer in some way each attachment/software/file passing under it's nose in order to see what the intentions are. That's probably a big no-no under the DMCA and would surely be challenged in court by someone very quickly.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.