
Anti-malware vendors to merge PC scans

SMB: Herd intelligence benefits IT security

However, despite the advantages of moving to a herd mentality model, the expert recognizes that there might be significant obstacles for vendors to overcome in making such a transition -- including the cost of shifting away from their existing malware signature creation and distribution methodology.

Among the biggest issues for anti-malware vendors to consider is false positives, as many legitimate or nefarious programs may be misclassified by one vendor or another. Behaviour detection-based tools will also still be needed to keep an eye out for sites and applications that have been compromised.

Customers may represent another hurdle, Jaquith said, as not all companies will initially be comfortable with sharing the necessary level of access with vendors, and some may fear that such a system could offer new opportunities for data loss. Prevx, for one, is already dealing with the issue of privacy by guaranteeing that the only information being sent over its pipelines from customer PCs is related to executable files.

An even larger problem could be the "data glut" generated by the herd anti-malware networks.

"Telemetric data provided by herd endpoints will be substantial," said Jaquith. "Anti-malware vendors will need to spend significant millions of dollars of capital to create scalable infrastructures to collect, process, and store data furnished by endpoints."

The white lists of legitimate applications maintained by anti-virus vendors will also need to be updated frequently to address the release of approved programs and patches, a process that will require additional levels of cooperation between many different types of software makers, he said.

Along similar lines, Symantec researchers recently detailed a new program through which they are gathering detailed information about software applications installed onto the computers of customers using its desktop anti-malware suite.

Using an opt-out participation model, the experiment studies the behaviour and distribution details of individual programs to help make recommendations to users about which programs they decide to install or avoid.

"Right now, this is just a long-term research project, but we hope that as we get more users involved in the system, we can truly get a better idea of what is on people's computers so that we can identify malicious software based on the demographics of who is using it versus what it does," said Carey Nachenberg, a senior member of Symantec's Security Research team.

"We're hoping to get more clarity through the large base of users we have," he said. "By collecting this data, we should be able to get the most comprehensive view of the usage patterns to derive reputation information for everything they use."
