Smart Protection Network

                                   Kelvin Liu
                 AVP, Core Tech Development
Evolving Threat Landscape


     Malware is           Malware is                          Malware is
     multiplying     ...
Example : Conficker / Downadup




       User receive
       a spam mail                                      Internet
  ...
Smart Protection Network against Conficker

                        Many clients’ processes are dropping
                 ...
Smart Protection Network against Conficker


                                        Threat Intelligence



              ...
Smart Protection Network against Conficker


                                        Threat Intelligence



              ...
What & How Trend Micro use Cloud Computing




                           HTTP                   DNS                      ...
Why Smart Protection Network



                 Time to Protect                         Threat Intelligence

            ...
Copyright 2009 - Trend Micro Inc.
Thank You




業務專線 : (02) 2378-2666
Upcoming SlideShare
Loading in...5
×

Cloud Computing,雲端運算防毒運用-Smart Protection Network 趨勢科技劉琴堂

1,992

Published on

根據一份統計資料顯示,全球每年病毒、惡意程式增加的速度遠比想像中快,1988年的病毒數量大約為8萬多種,但是到了1998年已經暴增到80萬隻,而截至2008年底病毒與惡意程式的數量已經達到100萬隻以上,預估到2015年將會快速增加到250萬隻。趨勢科技張明正董事長表示:「以目前的趨勢來看,現階段透過病毒碼特徵比對的防毒技術,未來將無法滿足企業與個人的需求,所以趨勢科技早在2006年就開始將雲端運算應用在資訊安全上」。


病毒、惡意程式增加的速度如此之快,是由於病毒產生工具隨處可得,許多駭客為了獲取金錢開始在網路上販售惡意程式開發工具,就算不會撰寫程式的使用者,也可以輕鬆製造出各式各樣的惡意程式,藉以竊取各種機密的資料。趨勢科技全球核心研發部事業副總經理劉琴堂表示:「藉由定時更新病毒碼的方式,或許可以杜絕部分惡意程式入侵,但是隨著病毒碼資料檔愈來愈大,以及惡意程式偽裝程度愈高,許多個人電腦、掌上型設備根本將無法應付來自四面八方的攻擊保護,所以趨勢科技很早就開始投入Smart Protection Network的開發。」

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,992
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
35
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • During today’s presentation we will cover a variety of topics. We’ll start with an overview of the changing threat landscape, explain what Smart Protection Network is and does and then wrap it up with any questions you may have.
  • Cloud Computing,雲端運算防毒運用-Smart Protection Network 趨勢科技劉琴堂

    1. 1. Smart Protection Network Kelvin Liu AVP, Core Tech Development
    2. 2. Evolving Threat Landscape Malware is Malware is Malware is multiplying sophisticated profit driven Complexity Web Botnets Spyware Spam Worms Malware is getting increasingly dangerous and harder to detect. Copyright 2008 - Trend Micro Inc.
    3. 3. Example : Conficker / Downadup User receive a spam mail Internet User open the mail then automatically download a file Connect to various websites, download other malicious files The file register itself as a system service Monitor the Internet Block access to browser’s address bar certain websites Internal - Confidential Copyright 2009 - Trend Micro Inc.
    4. 4. Smart Protection Network against Conficker Many clients’ processes are dropping similar filenames in a short time Community Intelligence Many clients access or modify the same system file in a short time Many clients accessed similar/same registry keys in a short time Customer Incident Feedback Log Trigger File Reputation Correlation Web Reputation Monitor Smart Protection Network Immediate Protection Email File Score From Connect to Reputation Correlate to figure Crypt.NS.Gen X 129.24.11.3/aexjiire/ Euwl.tsst.com:88/e34jg/ out where the threat Dropper.Gen X Ndj.sexadult.com/ssr/ee 112.42.5.112:80/ come from & where Nqe.exe V www.xyz.com www.abc.com it would connect to Conflicker_D X qd.wqwwor.com/om nadasm0.info:80/bugsy Conflicker_D X Fdjhg.wopqfe.com 7f7fewf.cn:80/sina/ Internal - Confidential Feb 2009 Copyright 2009 - Trend Micro Inc.
    5. 5. Smart Protection Network against Conficker Threat Intelligence Incident Trigger File Reputation Correlation Web Reputation Monitor Immediate Protection Email Reputation Domain / Name Server / IP / Register’s Email Correlation to build up a Spider Network Feb 2009 Copyright 2009 - Trend Micro Inc.
    6. 6. Smart Protection Network against Conficker Threat Intelligence Incident Trigger File Reputation Correlation Web Reputation Monitor Immediate Protection Email Reputation Domain / Name Server / IP / Register’s Email Correlation to build up a Spider Network Feb 2009 Copyright 2009 - Trend Micro Inc.
    7. 7. What & How Trend Micro use Cloud Computing HTTP DNS FTP Monitor Incident Trigger Correlation Correlation Clustering Analyzer Clawer MapReduce Data Processing Tracking System Hadoop ( HBASE / Meta Data ) Data Archive Message Routing framework Hadoop (HDFS) Infrastructure Virtualization Operating system OS Server Farm Smart Protection Network Internal - Confidential Feb 2009 Copyright 2009 - Trend Micro Inc.
    8. 8. Why Smart Protection Network Time to Protect Threat Intelligence Immediate Protection Threat Lifecycle Early Warning Management Less Complexity Reduce Cost Lightweight Clients Reduce Downtime Costs Less Memory Usage Reduce Hardware Costs Internal - Confidential Feb 2009 Copyright 2009 - Trend Micro Inc.
    9. 9. Copyright 2009 - Trend Micro Inc.
    10. 10. Thank You 業務專線 : (02) 2378-2666
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×