Showing posts with label Technology. Show all posts
Showing posts with label Technology. Show all posts

2009-12-01

What should be the anti-virus tests?



Experts recognize that the traditional, formed for the 80-90-years of the last century, testing the effectiveness of anti-virus software has now become unacceptable. According to Sergei Ilyin (Anti-Malware.ru), now is the time when the antivirus market require complex tests that correspond to actual algorithms for the users and fully functional protection checking - checking for patterns, heuristic analysis, firewall, IDS, HIPS and etc .

Developed by the Virus Bulletin (VB) in the 90's. criteria for testing anti-virus and created on the basis of their virus signature collection of The WildList while recognizing the antivirus industry to this day, but did not take into account the radical changes in the landscape of threats. For example, they explore the virus only under the Windows platform, and only self-propagating virus variants, but under the latter criterion is not subject to broad classes of malicious programs, such as spam bots, spyware. Number of stable active senders who fund The WildList, as stated in the Virus Bulletin Conference in 2007, the head of the test lab AV Test Andreas Marx, does not exceed twenty, and the number of monthly updates - a half dozen. The system for receiving and processing updates burdensome for both the sender and a compilation list, so since the upgrade to the publication of an updated list is about forty days.

Synthetic tests most laboratories AV Test held within four weeks. Antivirus tested every week with updates enabled, and another week - without the possibility of updates. According to experts, testing is done on computers disconnected from the Internet on a limited (for a given criterion) the signature-based virus. This is consistent with the principles of the reproducibility of the test, but does not correspond to the real conditions of exploitation antiviruses.

Retrospective tests conducted by Andreas Clementi of the virus laboratory AV Comparatives, according to experts, it is better than that tests VB, simply because they are used not dozens, but hundreds of thousands of a variety of virus signatures. However, signature-based AV Comparatives database is not publicly, what draws our attention to an expert on products and services company Trend Micro Mikhail Kondrashin. Consequently, it is not in a position to evaluate a wide range of specialists, such as the presence of false signatures. It is also important that, in conducting its tests, the laboratory disables involved in anti-virus products are gaining popularity and drastically affect the effectiveness of cloud antivirus technology.

In early 2008, was formed Anti-Malware Testing Standards Organization (amtso), combining 40 antivirus companies in the association to develop uniform criteria for testing antivirus software. This year amtso published a series of recommendation documents it has developed, and at the end of the summer test laboratory NSS Labs has completed the first test, performed in accordance with these recommendations.

During this test, NSS Labs has collected data about potentially hazardous sites identified are really dangerous, having received as a result of 3243 addresses. For about three weeks to these addresses scans of the antivirus. The test allowed to know how time changes the ability to block scanned by the Antivirus contamination from each of the selected infected web addresses. It should be noted that this test is checked by opposing anti-virus is not active infection, penetrating themselves on your computer, and the infection that occurred at the initiative of the user, triggered by the actions leading to contamination of the methods of social engineering.

It is known that NSS Labs is preparing tests for other types of infections. All this suggests that existing tests are not perfect and require modernization. Hopefully, the technology of testing will be improved with anti-virus programs and we will get objective data on the effectiveness of anti-virus programs.

See more:
Avira AntiVir Personal Edition 9.0.0.415.
Microsoft has released a free antivirus

Share Share

2009-10-02

New anti-virus software will take the example of the ants



As the net-security.org, scientists at Pacific Northwest National Laboratory (PNNL) in Richlande, United States, invented a new way to combat malicious programs in computer systems. Moreover, they have the basis for the principles of behavior of ants. It is known that they have something of a "collective intelligence" and smoothly interact, talking among themselves and ensuring the functioning of the ant. Scientists have decided that this method is useful for the detection and destruction of viruses, trojans and worms.

Modern antivirus programs are based on constantly updated databases of malware, because attackers constantly creating new and new variants. Large databases and the need to frequently update require a lot of resources and not always effective. The principle established by Glenn Fink involves the use of multiple scanners, special programs, which will constantly check your computer or network from multiple computers. When a threat is detected, they will leave marks signals for the other "digital ants", so it can be easy to locate and destroy.

It is planned to create about 3000 different types of such programs. New anti-virus system has already been tested on 64 computers in a network. Scientists have not yet said when they plan to finish the work and submit a final version of the "digital nest".

See more:

Microsoft has released a free antivirus
How to remove a spyware off the computer for free?
Antivirus Ratings


Share Share

Be Sociable, Share!

Popular Posts