“Today the majority of malware cannot be detected by signature-based security solutions and other traditional security methods. While these solutions play a role in a company’s defense-in-depth security strategy, malware now is more sophisticated and can easily go around these solutions,” said Greg Hoglund, CEO and founder of HBGary. “Our Digital DNA technology detects malware that is polymorphic, using advanced techniques or currently unknown that these solutions can’t find.”

HBGary Digital DNA: How it Works

Digital DNA is a patent-pending technology to detect advanced computer security threats within computer memory without relying on information provided by the computer’s operating system. All software modules residing in memory are identified and ranked by level of severity. The Digital DNA sequence appears as a series of trait codes that, when concatenated together, describe the behaviors of each software module. For an example of a Digital DNA sequence, please use this link: http://www.hbgary.com. Observed behavioral traits are then matched against HBGary’s new Global Threat Genome database to classify digital objects as good, bad or neutral. The database currently contains more than 2500 codified behavior traits.
Full Article HERE
I recently had a discussion about the DNA traits that could be programmed digitally into malware/viruses. I am interested to see an RNA version too that would mutate with connection to other malware/viruses so they could trade and create new variants on their own.
With the advent of Conficker, I think this is getting closer to a reality. It is conceivable to create code that could mesh in a random mutation and thus generate new and interesting modus operandi.
On the other end of this, I am sure that the methodology presented by HBGary will be all the rage in future attempts to detect and thwart all those pesky nasties.