Quantcast
PCWorld.com is upgrading some back-end systems. Some site features, such as user registration, may be temporarily unavailable.
Subscribe to magazine

Behavior-Based Malware Detection Software on the Way

Ellen Messmer, Network World

  • 0 Yes
  • 0 No

Start-up NovaShield says that in May it will release its first security product for the PC, behavior-based detection software designed to catch, quarantine and eradicate malware not ordinarily detected by signature-based antivirus products.

The Windows-based NovaShield software will recognize activity from keyloggers, Trojans, and botnets and block them from executing. NovaShield, primarily intended for consumers as it has no central management, will block drive-by downloads of malware through its behavior-based detection method, which would alert users that suspicious activity is occurring.

"In this instance, there would be an alert to the user about Web activity," says Somesh Jha, chief scientist and co-founder of NovaShield, along with CEO Praveen Sinha. "Once we flag these executables as suspicious, we block them. But we do offer the user a way to override it." Jha is also a professor of computer science at the University of Wisconsin at Madison.

Sinha says the start-up, which has nine employees and was officially founded in 2006, this month received a half million dollars in small tech business funding from the National Science Foundation, though it has also aggregated $4.7 million in angel funding from undisclosed investors.

Several antimalware vendors, including McAfee, Symantec, Trend Micro and WebSense, are also tackling the problem of drive-by downloads, and offer versions of their own signature-based and behavior-based detection (compare intrusion prevention products and compare antivirus products).

The approach to malware detection that NovaShield is taking probably bears the most resemblance to that of behavior-based security product provider Sana Security, Jha says.

The NovaShield software monitors files, registry, process and events on Windows XP-based machines, using what Jha calls NovaShield's own "specification-based monitoring" to ensure secure interaction between application programs.

Pricing for the NovaShield software hasn't been announced, but once it's out in May, NovaShield plans a free trial version to be available.

For more information about enterprise networking, go to NetworkWorld. Story copyright 2008 Network World Inc. All rights reserved.

  • Recommend this story?
  • 0 Yes
    0 No

"Behavior-Based Malware Detection Software on the Way" Comments

  • Great year-end deals for small business!

  • Get 24/7 live remote AT&T Tech Support 360* service along with select Lenovo* PCs (with Intel® Core™ 2 Duo processors and save up to 200!

    Learn more

  • HP EliteBook* 6930p Notebook with Intel® vPro™ technology and a free HP Basic Docking Station - $641 instant savings!

    Learn more

  • *Other names and brands may be claimed as the property of others. ©2009 Intel Corporation. Intel, the Intel logo, vPro and Core trademarks of Intel Corporation in the United States and other countries. All rights reserved.

Dell Fast Track

People who read this also read:

Sponsored Links