1. Field of the Invention
Embodiments of the present invention generally relate to computer security systems and, more particularly, to a method and apparatus for securing a computer using an optimal configuration for security software based on user behavior.
2. Description of the Related Art
Widespread utilization of Internet technology by various users (e.g., employees, partners, contractors etc. within an enterprise, individuals at home) results in an increase of computer system attacks by various malicious threats (e.g., malicious software programs, such as worms, viruses, Trojan horses and/or the like). Such malicious threats may be transmitted (e.g., downloaded) to the computer system in numerous ways (e.g., as an executable program, an email attachment, malicious HTML code on a web page, and/or the like). For example, a particular malicious threat may be executed on a user computer in order to damage expensive computer hardware, destroy valuable data, consume limited computing resources and/or compromise sensitive information.
Currently, various types of security software programs (e.g., anti-virus, anti-spyware, anti-phishing software programs) utilize one or more detection techniques (e.g., signature validation, behavior blocking, heuristic detection and/or the like), which are often employed to detect the malicious threat and prevent problems caused by the execution of such malicious threats. In general, vulnerability to the malicious software programs correlates with dangerousness of one or more computer user activities. For example, a user computer that is primarily utilized for browsing authorized websites (e.g. news, banks, company intranet, genuine gaming websites etc.) may be less vulnerable than another user computer, through which suspected and/or generally unknown websites are accessed by the respective users. Hence, the user computer and the other user computer require different security settings in order to effectively detect and remediate the malicious threats.
However, the security software programs provide similar security settings for each user computer and disregard different levels of vulnerability to the malicious threats. For example, certain security software programs are configured to use static security settings that suit a majority of users but not a current user. Unfortunately, a high level of security settings (i.e., an aggressive mode) slows down the computer and consumes additional computing resources. As a result, deploying the same security settings for the user computer as that on the other user computer would unnecessarily degrade the performance of the user computer. Although several traditional security software programs have an option for the user to configure the security settings to a satisfactory level (e.g. High, Medium, Low), the default settings are never reconfigured. Further, often the usage pattern is insufficiently known at the time of installation of the security software program, and in such cases, the security software program may be incorrectly configured.
Therefore, there is a need in the art for a method and apparatus for securing a computer using an optimal configuration for security software based on user behavior.