Reputation Engine Touted As Norton 2010 Weapon in Malware Battle

It is no secret that the anti-virus market has been struggling to keep up with threats. For that reason, many security vendors have been moving away from a strictly signature-based approach in favour of other types of malware protection, using techniques like whitelisting and behavioural-based detection. The latest example of this trend: Norton Internet Security 2010 and Norton AntiVirus 2010 from Symantec.

In both products, Symantec has included its new reputation-based technology — codenamed Quorum — to bolster malware protection. With Quorum, the “uniqueness of a file and its attributes” are used to judge whether it should be classified as new malware, the company stated at it launch.

“More than three years in the making, Quorum tracks files and applications and dozens of their attributes such as their age, download source, digital signature and prevalence. These attributes are then combined using complex algorithms to determine a reputation. As a file is distributed across the Internet and these attributes change, Quorum updates the reputation of the file,” it added.

“The expanding number and sophistication of security threats can no longer be contained through signature files and behavioural heuristics alone,” Jon Oltsik, an Enterprise Strategy Group analyst, said. “Symantec’s reputation-based security technology for 2010 represents a new and important safeguard in a multilayer anti-virus defence. I believe it’s likely that the internet security industry will be building on technologies like Quorum for the next 10 years.”

Symantec said it has also done work to improve the speed of the products, and has included the Norton Insight family of technologies in the 2010 products to offer “extensive online intelligence systems to help proactively protect the PC”. Among those are the Norton Insight Network, which “uses a statistical analysis of file attributes based on billions of scans … to identify the trust level of a file,” and Download Insight, which “analyses and reports on the safety of new files and applications before users install and run them.”

Symantec also added System Insight and Threat Insight. The former “provides a view of recent events on the computer” to analyse performance, while Threat Insight aims to provide granular details on threats that have been detected on a user’s computer, such as the URL from which the threat came.

“One in five people will become a victim of cybercrime,” Rowan Trollope, senior vice president of consumer products and marketing at Symantec, said in the statement. “We know that hackers don’t destroy computers, they destroy lives. The powerful new reputation-based security in Norton 2010 gives people the power to deny digital dangers wherever they are found online.”

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Share
Published by
Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

16 hours ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

18 hours ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

19 hours ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

2 days ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

2 days ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

2 days ago