Look out, McAfee; the next big cybersecurity software could be coming out of Israel. A group of researchers from Ben-Gurion University has published a new method for detecting malicious emails that they say outperforms 60 top-selling anti-virus programs.
Most anti-virus engines examine specific parts of email, such as attached files, as they look for malicious code that could disrupt a user’s computer if it were executed. It’s kind of like checking someone’s carry-on for contraband. While that’s the most logical place for a border guard to look, it’s hardly the only place a smuggler might hide something. Current anti-virus software misses key areas in email that are increasingly likely to carry bad code.
“Existing email analysis solutions only analyze specific email elements using rule-based methods, and don’t analyze other important parts,” Nir Nissim, head of the David and Janet Polak Family Malware Lab at Cyber@BGU, said in a press release. For instance, the number and size of attachments are typical giveaways of a suspicious email, as is the number of recipients, since most email attackers are seeking the largest number of potential victims. But those aren’t the only indicators.