Dancho Danchev (you may or may not know him from his blog) has put together a new whitepaper about the evolution of malware.
There is, by no means, a shortage of opinion on how malware will evolve - it is a topic of considerable interest in the security community and there are tons of predictions about how malware authors will (or will not) continue to incorporate new distribution vectors and new types of payloads into the software that they write. Most of the time, these predictions (particularly the ones from the AV community) are either biased or patently inaccurate. Given that, I found this paper to be a interesting viewpoint and free of the bias that typically peppers this type of report. Although some of the early supporting research is interesting too, I recommend skipping to the end for the time-challenged reader: particularly the last 3-4 pages where he lays out the trends that he feels are significant going forward.
Although I don't agree with everything in the paper (e.g. malware on mobile devices), he lays out some really interesting data on localization/regionality, interoperability, and the economics of malware authorship. All in all, the last 3 pages are well worth the security researcher's time.
Posted by Ed at January 18, 2006 09:49 AM