Anti-virus baseado em comportamento

Interessante, embora não tão original como o artigo leva a crer...

Computer Scientists Set on Winning the Computer Virus 'Cold War'
University of Wisconsin-Madison (05/24/07)

ACM TechNews 30/05/2007

Computer scientists at the University of Wisconsin-Madison, the University of California-Berkeley, and Carnegie Mellon University have developed the Static Analyzer for Executables (SAFE), software that targets malware based on its behavior. SAFE examines the behavior of a program before running it and compares the behavior to a list of known malware behaviors, such as reading an address book and sending emails. Any program that performs a suspicious behavior is considered malware. Malware programmers can slip by traditional detection programs by creating a unique signature, requiring traditional malware detection programs to download updates at least every week. By examining the behavior rather than the signature, SAFE can detect malware even if it has a unique signature and only requires updates when a virus appears that exhibits a new behavior, creating a proactive defense rather than reactive. University of Wisconsin-Madison associate professor of computer science Somesh Jha calls SAFE "the next generation in malware detection." Jha and University of Wisconsin graduate student Mihai Christodorescu started working on SAFE when they tested different variations of four viruses on Norton and McAfee antivirus software. Norton and McAfee were only able to catch the original variation of each virus. SAFE caught all variations. SAFE will be particularly effective against a new type of malware that is designed to change every time it gets sent to another computer, which can create infinite variations of itself.
Click Here to View Full Article