NetworkWorld: Malware-detecting 'sandboxing' technology no silver bullet
University of California researcher says malware authors are aware of sandboxing and are in an 'arms race' to stay ahead of it

By Ellen Messmer
March 26, 2013

The security technology called "sandboxing" aims to detect malware by running suspect code in a computer-based system of one type or another and analyzing it for behavior and traits indicative of malware. Sandboxing -- one alternative to traditional signature-based malware defense -- is seen as a way to spot zero-day malware and stealthy attacks in particular. While this technique is often effective, it's hardly foolproof, warns a security researcher who helped establish the sandboxing technology used by startup Lastline.
