Slashdot Mirror

← Back to Stories (view on slashdot.org)

How To Guarantee Malware Detection

Posted by CmdrTaco on Monday March 15, 2010 @04:19AM from the pardon-my-skepticism dept.

itwbennett writes "Dr. Markus Jakobsson, Principal Scientist at PARC, explains how it is possible to guarantee the detection of malware, including zero-day attacks and rootkits and even malware that infected a device before the detection program was installed. The solution comes down to this, says Jakobsson: 'Any program — good or bad — that wants to be active in RAM has no choice but to take up some space in RAM. At least one byte.'"

2 of 410 comments (clear)

Min score:

Reason:

Sort:

In case anybody was wondering... by fuzzyfuzzyfungus · 2010-03-15 04:24 · Score: 5, Informative

He is indeed selling something...
Refuting the imaginary article in your head by spun · 2010-03-15 04:41 · Score: 5, Informative

Still haven't read the article, eh? The technique is to swap everything out except the scanner, then write random bits to the entire memory space, then hash the memory. I could explain it all in greater detail, but, you know, there's this article, already there. Please do try to constrain your criticisms to things that actually apply to the article that was written, you know, the one we can all read. Refuting the imaginary article in your head does nothing for the rest of us.

--
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton