Norton AntiBot
Encyclopedia
Norton AntiBot, developed by Symantec
, monitors applications for damaging behavior. The application was designed to prevent computers from being hijacked and controlled by hackers
. According to Symantec, over 6 million computers have been hijacked, and the majority of users are unaware of their computers.
AntiBot was designed to be used in conjunction with other antivirus software
. Unlike traditional antivirus products, AntiBot does not use signatures; there is a delay between when a vendor discovers a virus and distributes the signature. During the delay, computers can be affected. Instead, AntiBot attempts to identify a virus through its actions; viruses are malicious by nature. However, AntiBot was not intended to replace an antivirus product. The program uses technology licensed from Sana Security.
The product has been discontinued after AVG acquired Sana Security in January 2009, developing a standalone program similar to AntiBot called AVG Identity protection, which was also discontinued and integrated in AVG Internet Security 2011. Product updates and technical support will be available from Symantec for one year after a customer's last purchase or renewal.
s. A botnet is a collection of compromised computers, known as bots, which hackers usually control for malicious purposes. Two main uses of botnets include identity theft
and e-mail spam
. Kim cited a 29 percent increase of bots from the first half of 2006 to the second half. In all, there were six million active bots by the end of 2006.
On 7 June 2007, Symantec released a beta version of Norton AntiBot. AntiBot was designed to supplement a user's existing antivirus software. Unlike traditional antivirus software, AntiBot does not use signatures to identify malware
. Instead, it monitors running applications for damaging or malicious behavior, licensing technology from Sana Security.
AntiBot can also supplement SONAR
technology by Symantec, found in Norton AntiVirus 2007, Norton Internet Security 2007, and Norton 360
. Similar to AntiBot, SONAR monitors for malicious behavior. However, SONAR does not run continuously in the background; only during a virus scan in those specific products.
AntiBot was made available to the general public on 17 July 2007. On 16 January 2009, AVG announced their plans to acquire Sana Security were finalized. J.R. Smith, CEO
of AVG Technologies
, highlighted the 40,000 unique malware samples their analysts see each day. He noted the time frame between when a sample is analyzed and a signature is created, emphasizing the need for "instant protection", since hackers are constantly modifying their malicious software to evade signature detection. Often, there are several strains, or variations, of one virus, each with a different classification and signature.
Symantec confirmed ceasing sales and distribution of Norton AntiBot in early 2009. Product help and updates would still be available for one year following a customer's last purchase or renewal.
because it failed to completely remove a virus.
A technical limitation is AntiBot cannot detect inactive malware since there is no behavior for the software to monitor.
Symantec
Symantec Corporation is the largest maker of security software for computers. The company is headquartered in Mountain View, California, and is a Fortune 500 company and a member of the S&P 500 stock market index.-History:...
, monitors applications for damaging behavior. The application was designed to prevent computers from being hijacked and controlled by hackers
Hacker (computer security)
In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...
. According to Symantec, over 6 million computers have been hijacked, and the majority of users are unaware of their computers.
AntiBot was designed to be used in conjunction with other antivirus software
Antivirus software
Antivirus or anti-virus software is used to prevent, detect, and remove malware, including but not limited to computer viruses, computer worm, trojan horses, spyware and adware...
. Unlike traditional antivirus products, AntiBot does not use signatures; there is a delay between when a vendor discovers a virus and distributes the signature. During the delay, computers can be affected. Instead, AntiBot attempts to identify a virus through its actions; viruses are malicious by nature. However, AntiBot was not intended to replace an antivirus product. The program uses technology licensed from Sana Security.
The product has been discontinued after AVG acquired Sana Security in January 2009, developing a standalone program similar to AntiBot called AVG Identity protection, which was also discontinued and integrated in AVG Internet Security 2011. Product updates and technical support will be available from Symantec for one year after a customer's last purchase or renewal.
History
Ed Kim, director of product management at Symantec, highlighted the rise of botnetBotnet
A botnet is a collection of compromised computers connected to the Internet. Termed "bots," they are generally used for malicious purposes. When a computer becomes compromised, it becomes a part of a botnet...
s. A botnet is a collection of compromised computers, known as bots, which hackers usually control for malicious purposes. Two main uses of botnets include identity theft
Identity theft
Identity theft is a form of stealing another person's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name...
and e-mail spam
E-mail spam
Email spam, also known as junk email or unsolicited bulk email , is a subset of spam that involves nearly identical messages sent to numerous recipients by email. Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. One subset of UBE is UCE...
. Kim cited a 29 percent increase of bots from the first half of 2006 to the second half. In all, there were six million active bots by the end of 2006.
On 7 June 2007, Symantec released a beta version of Norton AntiBot. AntiBot was designed to supplement a user's existing antivirus software. Unlike traditional antivirus software, AntiBot does not use signatures to identify malware
Malware
Malware, short for malicious software, consists of programming that is designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, or gain unauthorized access to system resources, or that otherwise exhibits abusive behavior...
. Instead, it monitors running applications for damaging or malicious behavior, licensing technology from Sana Security.
AntiBot can also supplement SONAR
SONAR (Symantec)
SONAR is the abbreviation for Symantec Online Network for Advanced Response. Unlike virus signatures, SONAR examines the behavior of applications to decide whether they are malicious...
technology by Symantec, found in Norton AntiVirus 2007, Norton Internet Security 2007, and Norton 360
Norton 360
Norton 360, developed by Symantec, is marketed as an "all-in-one" computer security suite. The package includes an antivirus, a personal firewall, a phishing protection program and a backup program...
. Similar to AntiBot, SONAR monitors for malicious behavior. However, SONAR does not run continuously in the background; only during a virus scan in those specific products.
AntiBot was made available to the general public on 17 July 2007. On 16 January 2009, AVG announced their plans to acquire Sana Security were finalized. J.R. Smith, CEO
Chief executive officer
A chief executive officer , managing director , Executive Director for non-profit organizations, or chief executive is the highest-ranking corporate officer or administrator in charge of total management of an organization...
of AVG Technologies
AVG Technologies
AVG Technologies is a privately held Czech company formed in 1991 by Jan Gritzbach and Tomas Hofer, with corporate offices in Europe and the United States...
, highlighted the 40,000 unique malware samples their analysts see each day. He noted the time frame between when a sample is analyzed and a signature is created, emphasizing the need for "instant protection", since hackers are constantly modifying their malicious software to evade signature detection. Often, there are several strains, or variations, of one virus, each with a different classification and signature.
Symantec confirmed ceasing sales and distribution of Norton AntiBot in early 2009. Product help and updates would still be available for one year following a customer's last purchase or renewal.
Reception
PC Magazine noted AntiBot's above average ability to identify malicious programs based on behavior and the fact it did not mistakenly mark a legitimate program as malicious during testing. However, on some infected systems AntiBot failed to install or caused blue screensBlue Screen of Death
To forse a BSOD Open regedit.exe,Then search: HKLM\SYSTEM\CurrentControlSet\services\i8042prt\ParametersThen make a new DWORD called "CrashOnCtrlScroll" And set the value to 1....
because it failed to completely remove a virus.
A technical limitation is AntiBot cannot detect inactive malware since there is no behavior for the software to monitor.