017

The Secret Life of Malware – What's really out there?

Speaker


Richard Marko (Slovakia)
NOD32 Chief Developer, Eset
Andrew Lee (USA)
Chief Technology Officer, Eset

Presentation

The Secret Life of Malware – What's really out there?

Abstract


Proactive approaches are now essential in effective malware defence. The period between a new virus appearing in the wild (zero hour), and its first appearance at the point where protection is required (first sight) is measured in minutes. Traditionally, perimeter defence was where aggressive malware protection policies were implemented – “first sight” would most often be at this defence line – and any user interfaced device (e.g. desktop) was considered the last bastion of protection. Today the user device is the frontline of malware defense. Since Eset implemented their Global Virus-Radar system, they receive the earliest possible notification of new threats detected heuristically, and have gained deeper insight into malware lifecycles.

In this paper we examine key incidences of global virus epidemics, modeling outbreak behavior, and presenting defence strategies. Drawing comparisons and conclusions from the Global Virus-Radar we show that the most critical period for prevention is within one hour of zero hour, and that a heuristic approach at the user interface, whether desktop or mobile device – now the frontline – is the most effective and efficient way of preventing outbreaks.

Attendees will have a comprehensive view of how malware spreads, and key vectors, enabling a better understanding of how protection and prevention can be achieved.

Biography


Richard Marko was born in Kosice, Slovakia, in 1973. He graduated and received his MSc degree in computer science from the Technical University in Kosice in 1996. He joined Eset during his studies and started development of the heuristic engine for NOD Antivirus System. In 1997, when Eset's 32-bit incarnation of NOD antivirus (NOD32) began, he was appointed as the chief architect of the scanning engine.

Richard Marko's papers were published in the international magazine Virus Bulletin, and his lecture on heuristic algorithms was presented at the 2002 Virus Bulletin conference in New Orleans, USA.

Andrew Lee, CISSP, is Eset's Chief Technology Officer. Prior to joining Eset, Lee worked as a Senior Systems Administrator, responsible for the administration, support and deployment of enterprise virus prevention systems, and as a security consultant. He is currently very involved in AVIEWS (Anti-Virus Information and Early Warning System), an online community dedicated to the reduction of malicious code, and was a founding member of its sister group, AVIEN (Anti-Virus Information Exchange Network). Lee has presented papers at international anti-virus conferences, and written extensively on the subject of virus defense.





Copyright 2005 AVAR. All rights reserved.
AVAR 2005 Conference Organizing Committee
E-mail : avar2005@antivirus-china.org.cn
Tel: +86 22 6621 1487  Fax: +86 22 6621 1155