DriveSentry

DriveSentry is an antivirus program, developed by DriveSentry Inc, to protect Microsoft Windows users from malware. It is available for personal use, though with restricted functionality.

Company overview

DriveSentry Inc., founded in 2005, is a computer security company. Headquartered in Mountain View, California, the company also conducted major operations out of Nottingham, England. Originally centered on drive firewall technologies, DriveSentry Inc developed and patented the world's first firewall for disk drives. [1] Since 2005, DriveSentry Inc has expanded to the competitive field of antivirus solutions.

Detection methods

DriveSentry provides a real-time and on-demand virus scanner, and uses the following methods to determine if an application contains a virus before allowing it to run:

  1. Whitelisting: Programs are first checked against a list of trusted and validated applications and files. These "whitelisted" files are allowed to run without restriction.
  2. Blacklisting: Only if programs are not present on the whitelist are they checked against an updated database list of virus signatures; files whose MD5 signature is on the list are moved to a quarantine area if they attempt to gain access to the system or data. This is a technique as used by the world of defense.
  3. Heuristics: If the program is on neither list, it is compared to previously encountered malware.
  4. Community statistics: DriveSentry also collects and stores user statistics based on access decisions made by the user, which are shared among all other users.

DriveSentry partners with Offensive Computing and Frame4 Security services to collect and analyze malware for the database list.

Although DriveSentry's basic features are available for free, its more advanced features such as to automatically update its white and blacklists.

White / Blacklisting

Articles in computing publications discuss new malware protection technologies – such as whitelisting – claiming that traditional antivirus technologies are having a strong impact on viruses, trojans and other malicious threats. The popularity of the Internet, and the way data can now spread, allows threats to propagate faster, requiring traditional antivirus products to play "catch-up" with new zero-day threats. The techniques of white/blacklisting and community feedback may offer greater security. [2]

However, this functionality does not necessarily exist, but only if it is implemented, and it even prevents a program from running even if it is harmless. DriveSentry avoids this issue by prompting the user if a program does not appear in the blacklist or whitelist. This then puts the responsibility on the end user to determine what is good or bad. DriveSentry attempts to help the user by monitoring the actions of the program and calculating and displaying a threat rating. Furthermore, malicious software that has been included on the whitelist can still be executed. [2]
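
The order of checks from the Detection methods list, together with the prompt and whitelist caveats described above, as an added Python sketch (not DriveSentry's code). The list contents, community counts and sample byte strings are constructed for illustration, and the heuristics step is not modelled.

```python
import hashlib
from enum import Enum


class Verdict(Enum):
    ALLOW = "allow"
    QUARANTINE = "quarantine"
    PROMPT_USER = "prompt_user"


def md5_hex(data: bytes) -> str:
    """MD5 digest, used here only because the article names MD5 signatures."""
    return hashlib.md5(data).hexdigest()


def classify(data: bytes, whitelist: set, blacklist: set, community: dict):
    """Return (verdict, reason) using the article's order of checks."""
    digest = md5_hex(data)
    if digest in whitelist:            # step 1: trusted list wins outright
        return Verdict.ALLOW, "on whitelist"
    if digest in blacklist:            # step 2: consulted only after a whitelist miss
        return Verdict.QUARANTINE, "MD5 on blacklist"
    # Neither list matched: the decision goes to the user, with other users'
    # earlier decisions (step 4) offered as a hint. Heuristics are not modelled.
    allowed, blocked = community.get(digest, (0, 0))
    total = allowed + blocked
    hint = f"{blocked}/{total} users blocked" if total else "no community data"
    return Verdict.PROMPT_USER, hint


# Constructed sample inputs, not real files or signatures.
TRUSTED = b"constructed sample: trusted application"
FLAGGED = b"constructed sample: known-bad binary"
CHANGED = FLAGGED + b"\x00"            # same content with one extra byte

WHITELIST = {md5_hex(TRUSTED)}
BLACKLIST = {md5_hex(FLAGGED)}
COMMUNITY = {md5_hex(CHANGED): (1, 9)}  # (allowed, blocked) counts, made up

if __name__ == "__main__":
    for name, sample in [("trusted", TRUSTED), ("flagged", FLAGGED), ("changed", CHANGED)]:
        print(name, classify(sample, WHITELIST, BLACKLIST, COMMUNITY))
    # A digest present on both lists is still allowed, because step 1 returns first.
    both = {md5_hex(FLAGGED)}
    print("on both lists", classify(FLAGGED, both, BLACKLIST, COMMUNITY))
```

The changed sample no longer matches its blacklist entry because the signature is an exact hash, so it falls through to the user prompt; a digest on both lists is allowed because the whitelist is consulted first.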

References

  1. DriveSentry offers 'firewall' for hard drive. Archived March 2, 2007, at the Wayback Machine.
  2. DriveSentry living Symantec's Dream. Archived September 7, 2008, at the Wayback Machine.
