Today’s malware has the capacity to spread like wildfire, with millions of computers infected in an instant as an epidemic sweeps across the Internet. This can take down huge swathes of infrastructure, bringing information highways to a standstill and leaving systems vulnerable to data leakage, which in turn opens the door to large-scale fraud. Detecting malware on every computer that is infected during an epidemic has little or no effect. What is needed is a reliable method for estimating the potential scale and direction of an epidemic, an early warning system, and that is exactly what the new technology developed by Kaspersky Lab’s Yury Mashevsky, Yury Namestnikov, Nikolay Denishchenko and Pavel Zelensky is capable of doing. The technology was granted Patent No. 7743419 by the US Patent and Trademark Office on 22 June, 2010.
The patented new technology works by analysing statistical data about threats received from a global monitoring network. The network tracks malware downloads, hacker attacks and other similar security incidents, recording the times at which they occur, their source, geographical location, etc. Emerging epidemics can then be identified by the number of incidents occurring during a specific period in one location or another. This method makes it easy to pinpoint the source of an epidemic and forecast its likely propagation pattern.
“The new system has a number of advantages over other similar solutions. This technology contains a subsystem for tracing the source of the threat, a module that generates protective measures and a subsystem that simulates the spread of an epidemic,” noted Nadia Kashchenko, Chief Intellectual Property Counsel at Kaspersky Lab.