MANILA, Philippines--Symantec's new approach against malware relies, roughly, on the "wisdom of the crowds," drawing on the behavior of its installed base worldwide.
This "reputation-based" approach will begin to appear later this year starting with the company's Norton line of antivirus software, a top executive said.
Mark Bregman, Symantec's chief technology officer, offered an analogy in an interview during a recent visit to Manila.
"It's like selecting from a row of restaurants," Bregman said.
He explained further: "A restaurant with only a few customers could mean that it's not good. Meanwhile, another restaurant could be full of people but you don't necessarily feel at ease with that group of people."
This analogy applies to every software program or application Symantec is able to detect on PCs running its software.
If only a few PCs are using a particular piece of software, this could mean users do not trust the application. The new approach also takes into account users' "hygiene." If those using the program are vulnerable to attacks, the entire base of users will also be alerted.
"In other words, whether a program can be trusted or not can be inferred from this basic information. All we need is a fingerprint of it, based on which PC it appears," Bregman added.
The traditional antivirus approach entails creating a "blacklist" of known malware.
In its latest Internet Security Threat Report (June to December 2007), Symantec said that out of more than 54,000 detected programs released publicly, about 65 percent are classified as malware.
Today's viruses, however, are targeted at a specific demographic of users, according to Symantec. Hence, blacklisting would not make sense, which led to Symantec's reputation-based approach.
Bregman said Symantec has turned on the "reporting" feature in Norton (that is, collecting known programs), while the reputation-based feature will be activated in the next release.