We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,995 News Articles

Anti-malware vendors to merge PC scans

SMB: Herd intelligence benefits IT security

However, despite the advantages of moving to a herd mentality model, the expert recognizes that there might be significant obstacles for vendors to overcome in making such a transition -- including the cost of shifting away form their existing malware signature creation and distribution methodology.

Among the biggest issues for anti-malware vendors to consider is the issue of false positives as many legitimate or nefarious programs may be misclassified by one vendor or the other, and behaviour detection-based tools will still be needed to keep an eye out for sites and applications that have been compromised.

Customers may represent another hurdle, Jaquith said, as not all companies will initially be comfortable with sharing the necessary level of access with vendors, and some may fear that such a system could offer new opportunities for data loss. Prevx, for one, is already dealing with the issue of privacy by guaranteeing that the only information being sent over its pipelines from customer PCs is related to executable files.

An even larger problem could be the "data glut" generated by the herd anti-malware networks.

"Telemetric data provided by herd endpoints will be substantial," said Jaquith. "Anti-malware vendors will need to spend significant millions of dollars of capital to create scalable infrastructures to collect, process, and store data furnished by endpoints."

The white lists of legitimate applications maintained by anti-virus vendors will also need to be updated frequently to address the release of approved programs and patches, a process that will require even additional levels of cooperation between many different types of software makers, he said.

Along similar lines, Symantec researchers recently detailed a new program through which they are gathering detailed information about software applications installed onto the computers of customers using its desktop anti-malware suite.

Using an opt-out participation model, the experiment studies the behaviour and distribution details of individual programs to help make recommendations to users about which programs they decide to install or avoid.

"Right now, this is just a long-term research project, but we hope that as we get more users involved in the system, we can truly get a better idea of what is on people's computers so that we can identify malicious software based on the demographics of who is using it versus what it does," said Carey Nachenberg, a senior member of Symantec's Security Research team.

"We're hoping to get more clarity through the large base of users we have," he said. "By collecting this data, we should be able to get the most comprehensive view of the usage patterns to derive reputation information for everything they use."



IDG UK Sites

3 of the best portable chargers: a solar power charger, a hand-cranked charger, and how to charge...

IDG UK Sites

iOS 8 review: Hands on with the iOS 8 beta

IDG UK Sites

Thinking robots: The philosophy of artificial intelligence and evolving technology

IDG UK Sites

Sharknado 2 VFX: how The Asylum created CG flying man-eating sharks