
Discovery highlights how malware goes undetected


Scientists have refined a technique to make automated analysis of malware nearly impossible, highlighting how viruses could bypass the scrutiny of security companies and go undetected by antivirus software, Technology Review reported.

Security researchers at the Georgia Institute of Technology's Information Security Center have found that a form of copy protection -- host identity-based encryption -- can lock up parts of a malware program with cryptographic keys based on information gleaned from a victim's system.

Such a technique would make it much more complicated for security companies and research labs to analyze virus specimens transferred outside the infected systems.

The discovery shows how security software companies fall short if they rely only on catching malware by matching it against a database of identifying traits acquired from automated analyses. This means that antivirus companies may have to develop more sophisticated ways to discover new viruses and gain an edge against attackers.

Paul Royal, a research scientist on the Georgia Tech team, plans to unveil the work at the Black Hat security conference in Las Vegas this week.

(Image via John David Bigl III/
