Dr Godfrey Gaston, CSIT Director, said: “One of the projects we’re working on is very high-volume internet Deep Packet Inspection. Current anti-virus security software is mostly signature-based, which simply can’t handle high volumes of traffic, such as in streaming applications or IPTV situations, for example. We need to move in the direction of hardware solutions.”

Most major security suites integrate a signature-based scanning engine, as well as heuristic detection tools. The responsive nature of signature detection makes it ineffective against zero-day threats, and polymorphic/metamorphic botnet malware which is becoming increasingly common.

David Harley, ESET Director of Malware Intelligence, said: “The signature approach isn’t entirely dead, and never will be from the perspective of an effective cleanup after the event. However, it’s very time and resource intensive, and isn’t very flexible or fast when dealing with large traffic volumes. There’s a huge amount of effort going into cloud-based technologies that show great promise here.”

It has been revealed that malware-related click fraud is at an all time high, according to a study from Click Forensics. In Q3 this year, 42.6 per cent of fraudulent clacks were from botnets, compared with 27.6 percent in the same period of 2008. Although click fraud itself is not a new phenomenon, recently-discovered botnets such as Bahama specialise in the scam.

However, Harley sounded a note of warning: “The real problem is that there is this continuing perception that malware is a purely technical problem, but there’s no security product on the market that can’t be bypassed in some way by attackers who think they are immune from prosecution. Education is the key.”