自动沙箱的网络犯罪案例

2013/11/25

Each computer, notebook, tablet and mobile phones to connect to your network as a terminal very fragile, viruses, worms, spyware, Rootkits, Trojans and other malicious software – are intended to disrupt your operations or access proprietary data and information .

The average cost of a computer security in the world in 2012 has reached 136 US dollars reported a record. Stolen information includes payment transactions, for example, employee records, social security numbers, financial data and professional research. Such damage to the reputation of customers, prospects and business partners, and it is easy to see why endpoint security will no longer be an option, but the front-line priority.

Antivirus software system named “blacklist” file to prevent a similar affect the safe operation of the attacks. The problem is that the blacklist requires a threat has been identified, diagnosed and anti-virus software system files continuously updated blacklist. To specific unidentified malware attacks, it is not possible in 100% 100% of the time recognized not added to the blacklist.

This means that no protection can be completed unless a procedure is known threats blacklist, and not in the whitelist is determined to be safe.

Sandbox problems can be solved in this gray area, you can make your security program allows specific virtual environments, using the sandbox program, you can avoid it make any permanent changes your files or system, if the program is malicious and does no harm.

In addition to the blacklist, the security system will use the sandbox to run anti-virus software to scan potential threat scans use heuristics, behavior analysis program that process, and similarity with known viruses, if a program is considered to be dangerous, It is isolated and safe operation of the sandbox.

Heuristic work is still not enough to provide full protection, like the blacklist, they must first detect a threat in order to deal with it – there is always a certain proportion of the threat can not be identified scanner.

The only way to ensure that the sandbox approach is to provide you full protection will be a default deny policy.

Default Deny all files during the installation or during execution runs in sandbox mode unless users, especially when running or whitelist file to determine if the file is known to exist secure.

Default Deny it is off the back door, while other antivirus software is open. While other anti-virus software solutions restrictions to protect you from the dangers that they can recognize the file, the default deny is the only policy to protect your face all the documents does not guarantee safety. Default Deny validate each executable files and programs on your computer, and prevent them from taking action that might jeopardize your files.

Equally important, the Default Deny Protection Policy will allow you to access and make file execution in a sandbox virtual environment, the results will always ensure protection without loss of time, money and productivity.

Tags:

Write a comment

Name
Comment