Viruses, Trojans, Malware, Spam, Clickjacking, security threats have taken many new forms. Security solutions have evolved from mere anti-virus engines to those with comprehensive online protection features such as encryption, enhanced spam filtering, anti-viruses for mobiles and much more. Security managers must consider the changing nature of attacks and plan their strategies accordingly. We take alook at the current scenario and ways to combat this menace in future.

The concept is not new but can be interpreted from different perspectives. The traditional approach of finding maJware is to check against a pre-existing list of malware, termed as a black list. The trend these days is to check for the property of a program instead of tallying it against a list of malware. Norton in its latest release has incorporated this feature which maintains a list of healthy files. During the scanning process, it checks only for files that are not there in the list and finds out if any changes have been made to existing files. The new approach is effective and also consumes less syste)TI resources in the long run, but still bas long way to go before it's fully adopted.

Name: Next Genthreats and their Solutions.jpg Views: 9 Size: 54.4 KB

We tes!ed a product named DriveSentry 3.1.2 which 'utilizes the concept of Whitelisting. It checks against the list of black listed programs, a list of good known programs (white list) and the online advisor community. The software provides the flexibility of choosing programs that need to be protected. A user can create access rights for programs, for e.g whether IE can perform write operations or not.lt focuses mainly on write operations being performed by different programs.

A user can synchronize the software for updates from theonline database. We tested the programs against our virus database and found it to quarantine all of them. We even tried to run some trojans and malware but the software very promptly blocked them. Other protective features such as anti-spam are not a part of this software. Another good feature about this approach is that the scan time required is less. This is because each time a scan is performed, trusted programs form part of white list and are not scanned until modified.