Antivirus firm F-Secure has developed a graphical tool for analysing the behaviour of malicious code.
At a press briefing in Sydney this week, Patrik Runald, senior security specialist at the Finnish firm, said the tool — called FS-CSI — graphically displays the behaviour of software.
Runald explained that the tool first takes a snapshot of a clean system, then the malware is added, and then another snapshot is taken. He said the system is far more efficient than previous tools because researchers no longer have to look through hundreds and thousands of lines of code.
"Instead of looking at lines of code, we are looking at a graphical picture of what the malware has done to your system. This is something we have had to do in the lab to keep up with the challenge of all the malware we receive and improve the way we work," said Runald.
The tool shows which processes are running, which files have been created by the malware and flags all the network connections that have been opened.
The previous method "just doesn't scale", said Runald.
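The before/after snapshot comparison Runald describes can be sketched as follows. This is an added example, not F-Secure's code or FS-CSI's design: the snapshot layout, the function names and all sample data are assumptions constructed for illustration.

```python
"""Diff two system snapshots taken before and after a sample runs in a lab VM."""

def take_snapshot(processes, files, connections):
    """Bundle one system state. `files` maps path -> content hash;
    `connections` holds (process, remote_ip, remote_port) tuples."""
    return {"processes": set(processes), "files": dict(files),
            "connections": set(connections)}

def diff_snapshots(before, after):
    """Return only what changed between the clean and post-execution state."""
    b_files, a_files = before["files"], after["files"]
    common = a_files.keys() & b_files.keys()
    return {
        "new_processes": sorted(after["processes"] - before["processes"]),
        "ended_processes": sorted(before["processes"] - after["processes"]),
        "created_files": sorted(a_files.keys() - b_files.keys()),
        "deleted_files": sorted(b_files.keys() - a_files.keys()),
        # Same path, different hash: content was tampered with in place.
        "modified_files": sorted(p for p in common if a_files[p] != b_files[p]),
        "new_connections": sorted(after["connections"] - before["connections"]),
    }

# Constructed sample data (hashes shortened, IPs from documentation ranges).
BEFORE = take_snapshot(
    processes=["explorer.exe", "svchost.exe", "av_agent.exe"],
    files={"C:/Windows/System32/drivers/etc/hosts": "h1",
           "C:/Windows/notepad.exe": "n1"},
    connections=[("svchost.exe", "198.51.100.5", 443)],
)
AFTER = take_snapshot(
    processes=["explorer.exe", "svchost.exe", "sample.exe"],
    files={"C:/Windows/System32/drivers/etc/hosts": "h2",
           "C:/Windows/notepad.exe": "n1",
           "C:/Users/lab/AppData/Roaming/sample.exe": "s1"},
    connections=[("svchost.exe", "198.51.100.5", 443),
                 ("sample.exe", "203.0.113.10", 8080)],
)

if __name__ == "__main__":
    for category, items in diff_snapshots(BEFORE, AFTER).items():
        print(f"{category}: {items}")
```

A terminated security agent and a rewritten hosts file show up as `ended_processes` and `modified_files`, which is why the diff tracks removals and hash changes as well as additions.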