Basic protection?

Jun 29, 2008 at 12:38 PM
I was planning a process checker in the future, as part of a plan to make security in Microsoft products more effective. Maybe a smart progam that checks normal CPU usage and when there may be malware (raised CPU usage).
Jun 29, 2008 at 12:39 PM
If anybody is interested, please post a reply.
Jul 1, 2008 at 12:38 AM
Edited Jul 1, 2008 at 4:08 AM

You would need to look at more than CPU usage for two reasons.  1) Some programs require the CPU to go nuts, 2) it's easy to force a program to use very little amounts of CPU.  So basically you have a lot of false positives and false negatives making the tool rather useless.  A better idea would just be to require a PKI signing infrastructure for all application on your platform.  Make vendors get a registered certificate (free) but would allow you to kill an entire vendor.  Also the vendor could sign based on a tree so you could use digital signatures to allow or deny applications at an enterprise level. 

-Matt