The administrator's guide to behaviour blocking

Carey Nachenberg Symantec Corporation
Stephen Trilling Symantec Corporation

Over the past year and a half, blended threats - threats that combine worm-like propagation with hacking and Denial of Service techniques - have spread incredibly rapidly, causing billions of dollars of damage to corporations. The massive penetration of these infections has underscored the limitations of traditional anti-virus software and the need for new, complementary solutions.

While there is no silver bullet against these latest threats, behaviour blocking represents a complementary technology with great potential to stave off these fast-spreading infections. Unfortunately, there is a great deal of confusion surrounding behaviour blocking and its capabilities and weaknesses. This paper will give a primer on behaviour blocking and propose several possible avenues of research that may yield fruitful results. Specifically, the paper will explore how pharmaceutical and biologically-inspired techniques can serve as a template in the design of the next generation of behaviour blocking systems. Such biologically-inspired systems may address many of the current issues with behaviour blocking and offer corporations a new tool in the fight against malicious mobile code.


