CIO
—
For the past 25 years, a war has raged between malicious programmers and the researchers trying to make computing safe for the enterprise. The battle has shown no signs of subsiding: once a new countermeasure is deployed, the hackers find new ways to make IT worried.
"Almost all malicious software comes from the Web, but the Web is becoming much more transactional," says Gartner analyst Peter Firstbrook, referring to corporate America's growing reliance on Web sites like Salesforce.com to conduct business. Yet, he says that as many as 60 percent of all publicly accessible Websites are infected with malware. That means the enterprise needs to deploy ever-more-intelligent systems to combat these threats.
Meanwhile, the world's top security labs, such as those operated by Symantec, VeriSign, McAfee, Kaspersky and Kindsight, are working on innovative countermeasures that will soon make their way to the gateway appliances used in data centers, and none too soon. Here are five approaches security experts are taking to help beat the bad guys:
1. Monitor Hackers' Tweets to Flag Suspicious Websites
In the movie "Minority Report," agents used "precognitive" techniques to stop a murder from happening. At Verisign Labs, new research conducted with Purdue University shows how predictive analysis can stop infections from occurring, helping the enterprise stay one step ahead of hackers.
The idea is to scan the publicly available Twitter activity of hackers and compare discussions about specific domains with existing threat databases, in order to assign a security "reputation" to Website domains. For example, hackers may discuss creating a new Web site to exploit a scandal in the news; if the new site is registered and code quickly appears after the Twitter discussion, the site would be flagged as malicious.
"We are connecting the dots between users and applications," says Burt Kaliski, the CTO of Verisign, explaining how this new technique uses social behavior to track down hackers.
For the enterprise, it means the research could lead to an endpoint appliance that quickly categorizes sites according to reputation. The rankings would change based on the analysis of Twitter feeds.
Firstbrook says these techniques are important because, once you track down one site from a malware purveyor, you can usually start uncovering more sites and build a database of activity. He says Blue Coat Systems' WebPulse (http://www.bluecoat.com/security/webpulse) uses a similar "reputation analysis" technique to scan for domain registrations by known hackers. He also notes that most security labs already monitor chat rooms and that Verisign "will not solve the problems of the world by monitoring Twitter."