Numerous malware plague millions of machines worldwide on an annual basis. This notorious pieces of software not only diminish the performance of the infected machines by sapping their resources, they are also known for phishing important and personal data of the users and organizations to cyber criminals.
The good news is that the security industry has been steadily working against the assault of these malware. So far, major developments on anti-malware front have been done mainly by the prominent anti-virus vendors. But, the security industry has failed in many cases to protect systems proactively. For instance, the recent discovery of Stuxnet, Flame and likes have shown how the crackers had been operating for years under the nose of commercial security systems.
The good news is that a number of other organizations, apart from these mainstream vendors, are working on anti-malware systems. Two such new developments are Gooergia Tech’s Titan malware analysis system and EPFL’s malware origin tracing system.
‘Titan’ malware analysis system at Georgia Tech
Researchers at Georgia Tech Research Institute have now created a new malware intelligence system called Titan. Titan is an extra-ordinary system in that it allows private as well as governmental organizations to anonymously submit data regarding any malware threats they face.
In this way, not only the members organizations are able to stay up-to-date with the prevalent malware threats, they also receive reports about the malware threats they submit. These reports include useful information such as the likely source of the threat, possible remedy and the potential harm and risks posed by it.
Such a central portal for malware threats and their analysis can be very useful in many ways. For instance, if multiple universities submit a common threat at Titan, Titan will be able to analyse and show that they are being targeted by certain attackers. In this way, Titan has the capacity not only to provide solutions to malware threats but also provide key analysis about them, analysis which can keep organizations safe in the long-run.
The project leader and branch head for malicious software analysis at GTRI’s Cyber Technology and Information Security Lab, Chris Smoak, says, “You are asking people to submit information about targeted attacks, so anonymity is built-in to the platform.” Smoak further states that there are no other known systems like Titan and that it fills a key gap in the security industry.
Swiss scientists create algorithm to trace malware
Researchers at Federal Polytechnic in Lausanne (EPFL), Switzerland, have been able to develop an algorithm which, they claim, can trace a malware back to its origin.
According to Pedro Pinto, who is a researcher at EPFL, “Using our method, we can find the source of all kinds of things circulating in a network just by ‘listening’ to a limited number of members of that network.” Essentially, this algorithm detects the path information takes, for instance when the suspicious sender sends a malware to a recipient, and based on this knowledge, detects the origin of the malware.
The interesting part is that the algorithm is not limited to discerning malware origins. It can also go on to predict terror suspects, Amazingly, Pinto claims that they tested their algorithm on the vast amounts of data related to 9/11 which is available. He says, “By reconstructing the message exchange inside the 9/11 terrorist network extracted from publicly released news, our system spit out the names of three potential suspects — one of whom was found to be the mastermind of the attacks, according to the official enquiry.”
The algorithm can also go on to identify the origins of spam, unwanted emails and a number of other online security threats. Without a doubt, this is a huge step forward in fighting off terror and criminals, online and offline.