:: NORMAN :: Antivirus | Firewall

Proactive IT security

Home

News

Support

Partner

Select country

Select product

News » Press releases » 2001 » - Patenting Deep Scan and Sandbox technology; Norman introduces a new technique for eliminating new computer viruses

- Patenting Deep Scan and Sandbox technology; Norman introduces a new technique for eliminating new computer viruses

Add to My Norman Bookmarks

Lysaker, 25 October 2001

The data security company Norman ASA is the first company in the world to present sandboxing, a method to detect unknown viruses in real time. The risk of false alarms is practically eliminated. This innovative technique was presented at the renowned Virus Bulletin Conference 2001 in Prague.

Unknown viruses have always been a challenge for antivirus companies, and the recent events with more complex and faster spreading viruses like Nimda, have made this new technology even more relevant.

¨- Imagine that you open an e-mail attachment with a new and dangerous computer virus. The virus immediately starts cutting and pasting in selected system files, while other files are just deleted. Very soon, your computer is wrecked. In addition, the virus is using the network to infect other computers. That’s what the virus believes. The truth is that you can carry on with your work as usual, just like all the others in the network, and no real damage is done. This is what the new technology provides, says Kurt Natvig, responsible for the sandbox technology development at Norman ASA.

First in the world Norman is the first anti-virus company in the world to present this new technology. The terms ”deep scan” and ”sandbox technology” are used to describe the method. “Sandbox” describes the technical solution; the program establishes a simulated computer in an enclosed area, allowing the virus to replicate on the simulated machine under careful monitoring, when the virus has been activated, the sandbox is examined and the vaccine is produced immediately. This ”sandbox technology” should not be confused with traditional heuristics. Norman is now patenting this technology.

User-friendly Scanning engines from the various AV vendors employ different techniques to discover new virus variants or completely unknown viruses (i.e. unknown to the scanning engine). The search for an unknown virus has traditionally been prone to false alarms. A prototype of Norman Virus Control incorporating the new technology can detect unknown viruses with a minimal risk of false alarms. The elimination of false alarms is vital for the user of the anti-virus program.

A sophisticated technology The technology is sophisticated, but Norman has the necessary experience and resources to incorporate the Sandbox method. It doesn’t matter if the virus tries to camouflage itself through encryption or by using polymorphic, metamorphic or other hiding techniques. Norman Virus Control detects it anyway. The method is based on the basic function of a computer virus: replication.

A presentation of the technology is available through Virus Bulletin; www.virusbtn.com/vb2001/ or through Norman ASA (PDF file).

For further information please contact

Norman ASA, VP MArketing Bjørn A. Windfeldt, tel.+47 67 10 97 76, mob. +47 41 53 97 76

Security Information

>>	The Internet Crime Complaint Center's report for 2007
>>	2007

Security News and Advisories

>>	No critical updates for Microsoft systems in July 2008
>>	Three critical updates for Microsoft systems in June 2008

Norman is one of the world’s leading companies within the field of data security. With products for antivirus (virus control), personal firewall, antispam and antiadware, the company plays an important role in the data industry.