Quantcast
Subscribe to magazine

Behavior-Based Malware Detection Software on the Way

Ellen Messmer, Network World

  • 0 Yes
  • 0 No

Start-up NovaShield says that in May it will release its first security product for the PC, behavior-based detection software designed to catch, quarantine and eradicate malware not ordinarily detected by signature-based antivirus products.

The Windows-based NovaShield software will recognize activity from keyloggers, Trojans, and botnets and block them from executing. NovaShield, primarily intended for consumers as it has no central management, will block drive-by downloads of malware through its behavior-based detection method, which would alert users that suspicious activity is occurring.

"In this instance, there would be an alert to the user about Web activity," says Somesh Jha, chief scientist and co-founder of NovaShield, along with CEO Praveen Sinha. "Once we flag these executables as suspicious, we block them. But we do offer the user a way to override it." Jha is also a professor of computer science at the University of Wisconsin at Madison.

Sinha says the start-up, which has nine employees and was officially founded in 2006, this month received a half million dollars in small tech business funding from the National Science Foundation, though it has also aggregated $4.7 million in angel funding from undisclosed investors.

Several antimalware vendors, including McAfee, Symantec, Trend Micro and WebSense, are also tackling the problem of drive-by downloads, and offer versions of their own signature-based and behavior-based detection (compare intrusion prevention products and compare antivirus products).

The approach to malware detection that NovaShield is taking probably bears the most resemblance to that of behavior-based security product provider Sana Security, Jha says.

The NovaShield software monitors files, registry, process and events on Windows XP-based machines, using what Jha calls NovaShield's own "specification-based monitoring" to ensure secure interaction between application programs.

Pricing for the NovaShield software hasn't been announced, but once it's out in May, NovaShield plans a free trial version to be available.

For more information about enterprise networking, go to NetworkWorld. Story copyright 2008 Network World Inc. All rights reserved.

  • Recommend this story?
  • 0 Yes
    0 No

"Behavior-Based Malware Detection Software on the Way" Comments

Print 65% more pages than with refilled inks. Trust Original HP Inks. Hit Print Reliably.

Featured APC Accessories For Your System
10% Off Entire Cart at Online Store

  • APC Back-UPS ES Safeguards your equipment from damaging surges and spikes that travel along your utility & data lines.
  • APC SurgeArrest Performance Highest level of protection for your professional computers, electronics and connected devices, as well as provides surge protection.

People who read this also read:

  • 2007 Microsoft Office Suites Comparison This paper compares and contrasts four suites of the 2007 Microsoft Office system: Microsoft Office Standard 2007, Microsoft Office Professional Plus 2007, Microsoft Office Enterprise 2007 and Microsoft Office Ultimate 2007. This paper is intended to help organizations understand the applications and capabilities offered, and to identify the suite that best fits their needs.
  • Windows Vista Migration: The Business Proposition It's not so much a matter of "if" but "when" for most organizations regarding migration to Windows Vista. Laying the groundwork now for this migration can yield higher ROI than waiting until later. This Computerworld Technology Briefing explains it all.

PC World's Marketplace