Malicious web sites have become increasingly sophisticated and difficult to detect and block over the past four years, and many anti-virus engines suffer significantly from false positives and negatives, according to new research from Google.
The web firm has been blocking threats in the cloud via its Safe Browsing feature for over five years, and has analysed four years of that data to build the Trends in Circumventing Web-Malware Detection report (PDF).
The analysis covers around 160 million web pages hosted on approximately eight million sites, and Google flashes around three million malware warnings to over four hundred million computer users every day.
Social engineering attacks, where the malware is typically disguised as an anti-virus product or browser plug-in, have increased significantly, the report found, although they still comprise only two per cent of all sites distributing malware.
Much more common are IP cloaking and drive-by downloads, in which the attacker often switches exploits to avoid detection.
The report concludes that none of the tools used by Google to spot malware - virtual machine client honeypots, browser emulator client honeypots, classiﬁcation based on domain reputation, and anti-virus engines - is effective in isolation.
"In operational settings, anti-virus engines also suffer signiﬁcantly from false positives and false negatives. Finally, we see a rise in IP cloaking to thwart content-based detection schemes."
Google's ability to spot and clamp down on malware attacks was called into question earlier this week when Imperva released research claiming that hackers could be generating more than 80,000 search queries a day using botnets to identify the most vulnerable targets on the web.
Imperva urged Google and other search engines to improve their network traffic inspection and anti-automation tools.
Government will put money towards training 8,000 new teachers
It is too easy for companies to retract services, leaving customers at a loss
From $5.37 to $954.54 - broadband pricing study reveals wide divergences across the world in the cost of going online
The best Black Friday tech bargains out there