Symantec culls user data to spot unsafe programs

Repuation AV to beat the bad guys.

By Maxwell Cooter, Techworld | Techworld
Published: 10:10 GMT, 26 June 09

Symantec is to use the 'wisdom of the crowds' and introduce reputation-based security in the next version of its Norton Antivirus 2010 product.

The software, due out at the end of August, the company will be using information gathered under its Community Watch programme.

Gerry Egan, Symantec product management director said that the problem that the company faced was that the old way of checking for anti-viruses was inefficient. "There are two approaches: blacklisting works well with files that you know are bad, and whitelisting, which works well with files that are known to be good - but these don't work so well in the middle - it was clear that we needed a new model."

Egan said that since 2007, Symantec had been working on the idea that the wisdom of the crowds would fill the gap

"We already use this approach for things likes books, music and films, we're happy to be guided by other people's opinions. We're using a variant of that." He added that Symantec didn't ask the individual users themselves. "To a user it's not obvious what is safe: Some threats are silent, sometimes the user doesn't know they're there, some threats infect legitimate process while other threats pretend to be legitimate."

He said that this reputation-based approach worked by constantly surveying the data being gathered from users without any need for human interaction. "We've devised our own algorithm within Symantec that takes the data from the 30 million users who have signed up to Community Watch and calculates whether every individual program is safe or not," said Egan.

Obviously, there will be new files that we'd be unsure about but we have an arrangement with reputable publishers to pre-approve their software. "For example," said Egan, "Adobe could release a new program next week but they'd be on the approved list of publishers," he said.

Egan said that this reputation-based approach would be used in consumer products first but would eventually make it into enterprises. He thought the new release would move Symantec ahead of its competitors and, more importantly, ahead of the bad guys;" I think it will be harder for the bad guys to beat this. We think this will keep us ahead for some time.

What are your views on this subject? Use the form below to post a comment on this article up to 500 characters.

Characters remaining: 500

Related Security news

Hacker attacks on US military jump sharply in 2009

China source of most attacks, says report

21 November 2009

Microsoft denies building security 'backdoor' in Windows 7

Privacy organisations shouldn't read too much into NSA involvement it says

Pentagon expands exclusive deal with McAfee

Department of Defense uses McAfee products

Police arrest pair over global banking web scam

Man and woman arrested in Manchester for using notorious Zeus Trojan

Related Security reviews

Lumension application control review

Bit9 Parity Suite

BitDefender Total Security 2008

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Database security: Preventing enterprise data leaks at the source

IDC discusses the growing internal threats to business information, the impact of government regulations on the protection of data, and how enterprises must adopt database security best practices...

Download Whitepaper

Service-oriented security

SOA has become an integral part of enterprise software by providing a framework to efficiently develop software as services that is easily sharable, reusable, and integrated. No where is the need more apparent than in the Identity Management space. Welcome to the age of Service-Oriented Security (SOS).

Download Whitepaper

Data protection prospective vendor checklist

Organisations need a way to map business needs against all these challenges in procuring a technical solution. To help, SANS has developed the following Prospective Vendor Checklist.

Download Whitepaper

Unlock the power of the mainframe

This whitepaper presents the notion of CICS as an integration hub based on a component-based, service-oriented architecture supporting Web services. Highlights will review the challenges and contrasted support for Web services natively in CICS.

Download Whitepaper

Techworld UK - Technology - Business

COLT White Paper

Are all VoIP services the same?

Questions to ask your service provider to ensure you get the VoIP service you need
With careful choice of partner, your business can have all the advantages of VoIP access - reduced costs, flexibility and simplicity - without the drawbacks.
This white paper is your guide to ensure you get right the VoIP service and details the pitfalls which businesses would do well to avoid.

Download white paper
BMC

Ride the express lane in the journey to speed ITIL adoption

Explore the challenges in making the journey to ITIL and the criteria for selecting consulting services
By following ITIL practices, your IT organisation will become more closely integrated with the business. We recommend making the journey to ITIL in a sequence of six incremental steps, the phases of which are driven through execution of a strategic transformational roadmap.

Download white paper

Webcast: IT Financial Management: Cost Optimisation for Efficiency and Agility.
On Demand Webcast
Join this webcast to learn about the techniques and technologies that can help you prove the value of IT to the business by understanding the true cost of today's IT services and those that will be necessary to deliver future success.

Register Today

Site Map

IDG Network

* *