Profile: Carey Nachenberg

Name: Carey Nachenberg

Title: Symantec fellow

Company: Symantec Corp.

Age: 35

Industry: IT/computer-related services/consulting

30-second biography: As a Symantec intern in the 1990s, Nachenberg developed code for products such as Norton Commander, analyzed viruses and wrote virus fingerprints, and eventually went on to design and build the company's core antivirus detection engine technology for Norton AntiVirus. During that period, he began teaching C classes at The Learning Tree.

After completing his master's thesis on a new technique for detecting self-mutating, or "polymorphic," computer viruses in 1995, Nachenberg went to work at Symantec full time. His first project was to commercialize his research and integrate this technology into Norton AntiVirus. Shortly after, he spearheaded the notion of a modular antivirus engine, allowing Symantec to evolve its antivirus technology just as rapidly as the bad guys.

Now one of six Symantec fellows, Nachenberg holds 18 software patents and pursues his love of teaching by lecturing in undergraduate computer science courses at UCLA.

Current project: I'm researching two areas: how we can use community-based systems to automatically derive good/bad ratings for application programs and Web sites; and how we can finally deploy a whitelist-based antivirus/antispyware product that will once and for all eliminate viruses, worms and spyware from the enterprise.

With attackers creating customized threats, security companies are forced to write tens of thousands of signatures per month. I'd argue that we are at an inflection point, where the number of malicious programs being created is beginning to exceed the number of legitimate application programs created. It is becoming more economical for security companies to write fingerprints for legitimate programs rather than the bad ones. The challenge with this approach is building an infrastructure to collect legitimate programs and URLs to fingerprint, and then automating their fingerprinting. But literally tens or hundreds of thousands of software developers are creating legitimate applications and Web sites around the world. To deal with this, I'm looking into using Web 2.0 techniques such as community ratings (like those used on eBay to rate sellers) to automatically categorize application software and Web sites. The problem is that users rarely understand whether the software they download and install is malicious or not, so we can't simply ask the user, "Were you happy with the application you just installed? Was it bad?" This information needs to be gathered via more clever means. It's early, but we have an approach that looks promising and may eventually help the security industry finally shift to a whitelist model.

The best thing about today's technology: It makes vast amounts of information available whenever and wherever you are.

The worst thing about today's technology: It doesn't just work the way your toaster does. Your toaster doesn't crash or blue-screen.

Technology can . . . transform the way humanity lives, learns and interacts - unfortunately, empowering both well-meaning and malicious people equally.

What sets you apart? My ability to constantly branch into new security areas and develop useful innovations in those areas that improve the lives of real users.

Return to "40 Under 40 slideshow"  |  See Computerworld's 40th Anniversary Special Report


Copyright © 2007 IDG Communications, Inc.

How to supercharge Slack with ‘action’ apps
Shop Tech Products at Amazon