1. 1 Part 7: State of the Art and Future u Are we in a sorry state? u How to keep us Safe? u Software trust management u Hardware trust management u Evasive virus scanning u Return of Obscurity Techniques (e.g. Steganography)

2. 2 Case 1: Doom and Gloom u Viruses are running around  Even though they are not the smart kind u Financial losses are a problem  Anyone trying to do PKI for credit cards? u Integrity checking missing u As users get smarter, attackers get even smarter

3. 3 Case 2: Getting better u Spam effectiveness is getting lower  Filtering making major inroads u Fraud is being contained via awareness u Countermeasures getting smarter u Hardware (TPM) and virtual machines are coming u RSA Secureid and such cards are being pushed  Phone verification is catching on

4. 4 Trust Management u Hardware trust management  Stores keys in hardware (e.g. PKI cards) u Software Trust management  Hashes, signatures, trusted software  Verification, attestation, cleaner installations u Email trust  Advent of email authentication may be soon

5. 5 Better Systems Security u Smarter viral scanners  White lists  Evasive scanners  In kernel support u Rootkit detectors  Practical detectors can run in kernel  Boot time detectors work

6. 6 Obscurity u Security though obscurity may be a good idea in some cases u Hide secret using polymorphic schemes u Virus/rootkit checkers use techniques that are “secret” u Make systems “highly personalized” in some automatic way  Makes viruses not know how things are arranged in a particular computer

7. 7 Conclusions u Security has come a long way u Networking is almost conquered u Viral attacks is sill a pain u Software is the final frontier

8. 8 Conclusions