What you need to know
- Microsoft recently announced Project Freta, which detects malware.
- Project Freta is a free tool that uses a new approach to detecting malware.
- The project utilizes thousands of images of virtual Linux machines.
- The project currently supports Linux, but Windows is on Microsoft's roadmap.
Last week, Microsoft unveiled Project Freta, a cloud-based malware detection service (via Bleeping Computer). The project aims to detect malware that previously went undetected on Linux cloud VM images. It's a free service from Microsoft Research that can detect OS and sensor sabotage. Microsoft Research breaks down Project Freta in a recent blog post.
Malware that's difficult to detect is significantly more valuable than malware that's been detected before. Microsoft explains that undetected malware won't appear on attack reporting and can be reused several times. Once a piece of malware is detected, it becomes easier to detect in the future and is therefore less successful, and less valuable, to attackers. Microsoft's Project Freta aims to make it more costly and difficult to build malware that can go undetected.
Project Freta utilizes snapshot-based memory forensics. This means that it can sweep memory for unknown malware by comparing images of virtual machines. These techniques are already used in the tech industry, but Microsoft explains that Project Freta intends to "automate and democratize VM forensics to a point where every user and every enterprise can sweep volatile memory for unknown malware with the push of a button—no setup required."
Project Freta uses four properties to sense malware. Here are the properties as outlined by Microsoft:
- Detect. No program can detect the presence of a sensor prior to installing itself.
- Hide. No program can reside in an area out of view of the sensor.
- Burn. No program can detect operation of the sensor and erase or modify itself prior to acquisition.
- Sabotage. No program can modify the sensor in a way that can prevent the program's acquisition.
Most forms of malware detection rely on sensors that look for specific threats. Project Freta reverses that approach and looks for things that are missing. It does this by creating snapshots of thousands of Linux cloud virtual machines. To start, Project Freta supports over 4,000 kernel versions.
If implemented successfully, Project Freta will force attackers to re-invent malware to go undetected, which should reduce the number of viable attack methods.
Right now, Project Freta is only available for Linux images, but support for Windows is on Microsoft's roadmap.