
Kaspersky Lab has successfully patented yet another bit of security technology. This time it is a new heuristic analysis technology which allows security ratings to be assigned to software based entirely upon behaviour patterns during emulation. Is this something to get excited about? Well, yes, if you look beyond the marketing spin and focus on what Kaspersky is actually doing here. The point is that existing methods offer no 100 percent guarantee that new malicious programs will be detected: a typical chicken and egg situation, in which new technologies to detect and block potential new threats have to be incorporated into the security solution.

Kaspersky Lab reckons the new heuristic analysis method, which was developed by Nikolay Grebennikov, Oleg Zaitsev, Alexey Monastyrsky and Mikhail Pavlyushik and is based on a system of rules, can accurately assign a security rating to different processes. Using a constantly expanding system of rules, and ensuring that the most popular operations used by malicious programs are properly indicated (access to different parts of the registry, access to the Internet, etc.), the technology expresses each such operation as a percentage to reflect a potential security risk level. When an operation is actually executed, the cumulative potential security rating of the process increases, and as the rating grows, different access restrictions to certain resources are introduced. Hostile activity by malicious programs can therefore be prevented at the outset by blocking access to the resources needed to carry out such activity in the first place. Kaspersky reckons that the new security rating methodology can increase the effectiveness of protection as well as increasing user-friendliness.

"Kaspersky Lab’s patented Security Rating technology is designed to automatically generate sets of rules for unknown applications," says Nadia Kashchenko, Chief Intellectual Property Counsel, Kaspersky Lab. "This technology is crucial for ensuring the transparency of antivirus solutions and for minimizing the need for product configuration by users."
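The rating mechanism described above can be sketched as follows. This is an added example, not Kaspersky's patented implementation: the operation names, percentage weights, restriction thresholds and the simple additive combination capped at 100 are all assumptions made for illustration.

```python
"""Cumulative security-rating sketch (added example; all values constructed)."""

# Assumed rule set: operation -> risk contribution in percent.
RULES = {
    "registry.read": 2,
    "registry.write_autorun": 30,
    "file.write_system_dir": 25,
    "net.connect": 15,
    "process.inject": 40,
}

# Assumed restriction tiers: once a process's rating reaches the threshold,
# the listed operations are denied to it from then on.
TIERS = [
    (40, {"process.inject"}),
    (60, {"net.connect", "registry.write_autorun"}),
    (80, {"file.write_system_dir"}),
]


class ProcessRating:
    def __init__(self, name):
        self.name = name
        self.rating = 0   # cumulative rating, 0..100 percent
        self.log = []     # (operation, verdict, rating after the attempt)

    def denied(self):
        """Operations currently blocked at this process's rating."""
        blocked = set()
        for threshold, ops in TIERS:
            if self.rating >= threshold:
                blocked |= ops
        return blocked

    def attempt(self, op):
        """Allow or block one operation; only executed operations add risk."""
        if op in self.denied():
            self.log.append((op, "blocked", self.rating))
            return False
        self.rating = min(100, self.rating + RULES.get(op, 0))
        self.log.append((op, "allowed", self.rating))
        return True


def replay(name, trace):
    """Run a constructed operation trace through the rating engine."""
    proc = ProcessRating(name)
    for op in trace:
        proc.attempt(op)
    return proc
```

Replaying a trace that reads the registry, writes to a system directory, sets an autorun key, connects out and then attempts injection ends at a rating of 72 with the injection blocked, while a trace of registry reads and one connection stays at 19 with nothing restricted.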

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.
