More doubts about AV signature scanning

Year after year we notice the decline in effectiveness of anti-virus scanning technology. With the huge number of new malware versions released every day, signature scanning simply cannot keep up. Yet another article questions the relevance of the technology:

…signature-based anti-virus scanning. It is an idea whose time may well have come and gone.

…“Signatures made sense when there were only thousands of viruses”, Thompson said. “These days there are 300,000 new malware samples every day”.

…In his view, most new malware samples that are detected on any given day are not likely to be active in the wild.

In a recent post, I noted a test which found that signature scanning by popular AV products detected less than 5% of new malware. It is the new malware which is the danger – 5% detection is hopelessly inadequate. It appears that most of the malware picked up by signature scanning is old malware which is no longer the major threat.

Is signature scanning not the elephant in the IT security room? Is it time for a paradigm shift?

