search menu icon-carat-right cmu-wordmark

Quantum Approach to Inverse Malware Eradication

January 2019 Presentation
Daniel Medina (Glasswall Solutions Inc.), Matt Shabat (Glasswall Solutions Inc.)

The goal of this presentation is to inform people that using a 'pass only known good' methodolgy through a quantum approach simplifies the solution and the future of information security will benefit from an inverted approach to security.

Publisher:

Glasswall Solutions

Abstract

A quantum approach to malware eradication addresses the needs of organizations, which are facing a shortage of cybersecurity staff and resources, to tackle the increasing and dynamic cyber threat they are facing in a distributed and mobile computing environment. This approach closes the existing security gap and provides entities with a layer of security and protection between end-user and the Internet. It also provides a new sensing capability to provide a novel vantage point for threats in near real-time while sharing that visibility through standardized methodologies. The quantum approach to malware eradication inverts current common practices through the rewrite of binaries and documents to drive inbound and outbound files into compliance with permitted behaviors—an organization’s pre-established file risk parameters. This approach borrows from a variety of reductionist models introduced over the last few decades across the physical, biological and social sciences to analyze, describe and at times control the emergent properties of complex adaptive systems at their most fundamental, constituent levels. Positing that a file, including its content and behavior, emerges from the complex interactions of its constituent parts, the approach reduces it to predictable building-blocks and then regenerates them in accordance with a controlled, pre-established rule set without an impact to content, but with risk-based behavior controls. Interdicting files before they reach an endpoint, the quantum approach offers the opportunity to significantly reduce the vulnerability introduced into enterprises by the human user who is susceptible to a variety of social engineering attacks. It is the ultimate “left of boom” method that eliminates as much malware as all retroactive detection methods combined with no human interaction. Combining these methods is the future. It is scalable such that small- and medium-sized organizations can afford it, and it is flexible such that it can be applied across multiple use-cases.