- behavioral patterns,
- web injects signatures,
- user input analysis.
Our research points out clearly that even products sold as a “100% malware proof solutions” have serious implementation errors and it is only a matter of time when malware creators start targeting their guns against these vulnerabilities, effectively bypassing or abusing these countermeasures. Is it a road to failure or is there still time to improve these solutions? In this document we present security analysis of those solutions from attacker point of view and recommendations for improvement.
See also our presentation from Black Hat Asia and Confidence: “Bypassing malware detection mechanisms in online banking“