Skip Links

Virtualize your browser to prevent drive-by malware attacks

IT Best Practices Alert By Linda Musthaler, Network World
September 03, 2010 07:55 AM ET
Linda Musthaler
Sign up for this newsletter now!

The CIO-level business angle on the latest tech

When you open up a browser session and visit Web sites and click on hyperlinks, do you feel a little apprehensive about the possibility of drive-by malware getting installed on your PC? I sure do, even though I keep my antivirus/antimalware software and other security measures active and up to date. I might be a little paranoid, but for good reason.

According to the Websense Security Lab, the number of Web sites with malicious software grew 225% in the last six months of 2009. Seventy-one percent of Web sites with malicious code are legitimate sites that have been compromised by hackers. You're not even safe doing a simple web search; 13.7% of searches for trending news and buzz words lead to malware. And, by 2009, Kaspersky Lab had collected more than 32 million samples of malicious programs—double the figure from 2008.

15 secrets of next-gen browsers

Making matters worse is the fact that the average antivirus detection rate is about 19% on the first day of the malware's appearance, and only 62% after 30 days. These statistics are based on independent analysis from the cyber intelligence company Cyveillance. Now how do you feel about that Web surfing you like to do?

A company called Invincea (formerly known as Secure Command) has developed a solution that lets you browse all the Web sites you want without fear of picking up a virus or surreptitiously downloading malware. Borne out of research from DARPA and the George Mason University Center for Secure Information Systems, Invincea Browser Protection uses virtualization technology on the desktop to separate untrusted content coming from the Web from the rest of your desktop and network by putting it in a virtual environment. When you open your browser, Invincea seamlessly virtualizes the session.

Malicious activity is detected and isolated in the virtual browser environment in real-time. Detection does not depend on signatures. A restoration process then deletes the whole virtual environment with the malware and restores the original browser environment in a pristine state. During the restoration, Invincea gathers forensic intelligence about the threat, including the site that caused the infection and the code's actions; system changes; communications and spawns—all of its behavior. Event details about all programs, executables and malware that are downloaded during a session are tracked, and all system behavior is observed. This quantifiable data includes additions, deletions or changes to system registry keys; modifications to the file system; and network requests to other servers by malware. With such detailed information, you can know how, where and when your systems are infected.

Invincea Browser Protection installs on a Windows desktop and is totally transparent to the user. When a user opens up the browser, it looks and performs like Internet Explorer, Firefox, Safari, Chrome or the browser of choice—but it's totally within a virtual environment. Users can import their bookmarks and short-cuts from their original browser to personalize the Invincea browser. You can deploy the browser to your end user community in the typical way that you install other Windows applications.

Linda Musthaler is a principal analyst with Essential Solutions Corporation.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News