Anti-Malware Engineering Team

This blog provides information about what's happening in the anti-malware technology team at Microsoft. We're the team that builds the core antivirus, antispyware, anti-rootkit, and related technology, which is then used across a number of Microsof

Virus Bulletin 2006


A contingent from our antimalware team attended the Virus Bulletin conference in Montreal, Canada two weeks ago, 12 of us in all. Matt Braverman and I were both presenters, and I also moderated a panel discussing progress made by the Anti-Spyware Coalition.

My paper, entitled "I Know What You Did Last Logon", was a look into monitoring software from the perspective of privacy and the boundaries of appropriate versus inappropriate use for such technology. I examined this from several angles, including a discussion of several court cases that illustrate both sides of the discussion. I also drilled into several pieces of malware for a more detailed discussion of the technical methods employed by monitoring software.

Matt's paper, entitled "Behavioral Modeling of Social Engineering-Based Malicious Software", focuses on malware that leverages social engineering to infect a computer. It reviews techniques used both in the past and present and uses up-to-date data from the MSRT to differentiate those social engineering techniques which have been particularly successful. For example, we've found that using "generic conversation" techniques in an email seems to be one of the most effective ways to get a user to execute an attachment to that email. Such techniques usually leverage short email subjects and bodies (e.g. "Here is that document you asked for") to try to replicate conversations that may have occurred "in real life" between the email recipient and the sender, whom the email may spoof.

Copies of both papers are now available through the download center; let us know what you think.

-- Jeff Williams
Security Research & Response

Comments
  • My dad is often confused when he receives email viruses that try to use social engineering techniques to get it installed.

    I found Matt's paper a well written source that I've passed on to him, to help identify common techniques.

    Thanks, Matt!

  • Jeff Williams and Matt Braverman, of the Microsoft Anti-Malware Engineering Team, attended the Virus
