Johannesburg, 03 Jul 2009
Symantec product management director, Gerry Egan, has revealed that the company will roll out a reputation-based security engine in its Norton Antivirus 2010 solution by the end of August.
Egan was speaking at the Symantec Cloud Computing and Innovations Showcase, at the Hospital Club in London.
He said security providers are playing cat and mouse with cyber criminals, meaning that as soon as the security vendors bring out smarter weapons to fight malware, cyber criminals haul out more powerful fighting power.
Smarter weapons
He believes conventional methods of detecting malware are dead and that anti-virus vendors can no longer solely rely on traditional ways of detecting malicious code (through blacklisting known-threats and whitelisting safe Web sites and applications). He said it was time for Symantec to take on a new approach.
“It's a game of cat and mouse. As we improve our technology, malware authors adapt new techniques to deploy malware and exploit IT systems. We would love to have a crystal ball to predict their next move, but we don't.
“To a user, it's not obvious what is safe, as some threats infect legitimate processes while other threats pretend to be legitimate. Symantec is now looking at the reputation-based security model as the holy grail of security. Reputation-based security takes on a wisdom-of-crowds approach to harvest the wisdom of the masses.”
Wisdom of crowds
The reputation-based security model works by sifting through the millions of data files being gathered from the 30 million Symantec users who have signed up to the Community Watch. The system identifies which file is safe or not and records it for future reference.
“It gives us actionable data about all files,” said Egan. “It applies to applications, Web sites, multimedia files and e-mail. We take information and put it through an algorithm that enables Symantec to calculate a reputation score without having to ask the user, it happens automatically.”
Egan added: “The idea first came about in August 2006, when Symantec demonstrated its first simulation of the technology, and by August 2007, we had the Norton Community Watch programme. Last year, we introduced Norton Insight which is based on whitelisting technology and now we feel we are ready to take on the next step with the reputation-based model.”
He pointed out that, although the engine will be based in Symantec's Norton range of consumer security products, the technology will eventually roll out to the enterprise. He said: “We believe that reputation is going to revolutionise the way security is implemented.”
Related stories:
Risk shakes up the cloud
Malware attacks Mac OS
Kaspersky urges better Net security
Fake antivirus products infect PCs
Share