Malware DNA identification to put an end to malicious software?


Malware DNA, or the DNA of malicious software, is one of the ways provenance can be used to identify relatively similar code in a given program. The technique, which has been widely used in genetics and to detect whether someone is the real author of the work they present, is very fast and accurate. According to Tech News World, Malware DNA can “identify malware at machine language speeds and even detect zero day malware -- that is, previously unseen malicious programs.”

Using provenance can help decrease the number of malware cases and malware variants seen per day, or even drop it to zero. Since writing new software costs malware authors a lot of time, money, and energy, most of them reuse the software they already have and change the original malware into a new version. By doing this they save money, time, and energy and still achieve their malicious goals.

“One way malware writers avoid detection of their programs is to craft polymorphic attacks. They dynamically change the code in their malware just enough to confound antivirus programs. Every malware variant has an immutable part derived from its predecessors all the way back to its original malware family. For example, CryptoWall 3.0 shares the same genome with CryptoWall and the previous CryptoDefense,” according to Tech News World.

Therefore, the genetics of malware, or its DNA, is very useful when trying to identify the original malware by coding its DNA. Once the malware DNA is identified, it becomes very hard for malware authors to reuse it or write variations of it.
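The idea of a shared core surviving across variants can be shown with a small added example (not from this article, Tech News World, or any vendor product). It uses byte n-gram overlap as a simple stand-in technique on constructed byte strings; `FAMILIES`, `make_variant`, the shingle length and the 0.5 threshold are all assumptions.

```python
# Added illustration: byte n-gram overlap as a simple stand-in for "malware DNA"
# matching. Every byte string below is constructed sample data, not real code.
import hashlib

N = 4  # shingle length in bytes (assumed value)

def shingles(blob: bytes, n: int = N) -> set:
    """Set of overlapping n-byte windows in a code blob."""
    return {blob[i:i + n] for i in range(len(blob) - n + 1)}

def containment(sample: bytes, reference: bytes) -> float:
    """Fraction of the reference's shingles that also occur in the sample."""
    ref = shingles(reference)
    return len(ref & shingles(sample)) / len(ref) if ref else 0.0

def classify(sample: bytes, families: dict, threshold: float = 0.5):
    """Return (family, score) for the best match, or (None, score) below threshold."""
    name, score = max(((f, containment(sample, ref)) for f, ref in families.items()),
                      key=lambda pair: pair[1])
    return (name if score >= threshold else None, score)

def same_hash(a: bytes, b: bytes) -> bool:
    """Exact-signature comparison, which any single changed byte defeats."""
    return hashlib.sha256(a).digest() == hashlib.sha256(b).digest()

# Constructed "known samples": a per-build stub followed by the family's shared core.
CORE_A = bytes(range(0, 64))
CORE_B = bytes(range(128, 192))
FAMILIES = {"family_a": b"\xAA" * 8 + CORE_A, "family_b": b"\xBB" * 8 + CORE_B}

def make_variant(core: bytes) -> bytes:
    """Constructed variant: new stub, three patched core bytes, trailing padding."""
    patched = bytearray(core)
    for offset in (10, 30, 50):
        patched[offset] = 0xFF
    return b"\xCC" * 12 + bytes(patched) + b"\xEE" * 6

VARIANT = make_variant(CORE_A)
UNRELATED = bytes(range(200, 256))  # constructed blob sharing nothing with either family

if __name__ == "__main__":
    print(same_hash(VARIANT, FAMILIES["family_a"]))  # exact signature misses the variant
    print(classify(VARIANT, FAMILIES))               # still attributed to family_a
    print(classify(UNRELATED, FAMILIES))             # no family above the threshold
```

The variant's hash no longer matches the known sample, yet most of the known sample's shingles are still present in it, which is what ties it back to its family.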

But protection against cyber-attacks has not yet reached the point of ‘blocking’ attackers worldwide from even attempting to continue with their malicious intentions. “Unfortunately, none of the solutions that have been offered by the industry over all these years have been able to do that in any meaningful way,” Igor Volovich, CEO of Romad Cyber Systems, told Tech News World. “We've got stacks of Band-Aids. We keep adding more and more bandages, and we stop the bleeding for a while, but we never really fix the root cause,” he added.

In the second quarter of 2016, Daniel Jackson, along with University of California at Berkeley researcher Joseph Near, tested 50 popular web apps written in RoR and discovered 23 security flaws that were previously unknown.

According to HACKMAGEDDON (Information Security Timelines and Statistics), cyber-attack statistics as of May 2016 showed that 16.7% of cyber-attacks happen to software, 16.7% to restaurants, 11.1% to defense contractors, and the remaining 55.6% to industries such as retail, e-commerce, payroll services, car rental, sportswear, networking, job search, internet services, broadcast, and financial services.

 

(Image Source: The Mary Sue)

