A View from Robert Lemos

Antivirus Firms Look to Solidify Cloud Model

Cloud or not? Antivirus companies look for faster ways to detect malicious code, but are foggy on the exact definition of a cloud service.

September 1, 2009

In the search for better, faster antivirus detection, many companies are pursuing a “cloud” approach to the problem of identifying viruses and other malicious software. Yet, while most vendors agree that the essence of a cloud service is moving the analysis (or intelligence) of the product from the user’s computer to Internet-connected servers at a company’s facility (the “cloud”), they disagree on the extent to which security firms have moved to the cloud.

“On the surface, it is hard to differentiate because people can use the term ‘cloud’ really frivolously,” says Oliver Friedrichs, CEO of startup Immunet. “When we talk about cloud, we are talking about fairly advanced cloud infrastructure and a real-time capability to look up applications to see if they are malicious.”

With Immunet entering the market last month, the competition is heating up. But even the definition of the market is up in the air.

In April, McAfee heralded its Artemis Technology, a service for automating analysis of viruses and other malware, as an effective way to improve antivirus. Later that month, Panda Security claimed to have the first free cloud antivirus solution–a claim that security firm Prevx lambasted a day later, labeling Panda’s product “bloatware with a fancy name.”

“If we weren’t the first, we believe we were one of the pioneers of having the agent watch for malicious behavior and activity and feed it back to our servers,” Prevx CEO Mel Morris says.

Morris argues that being a cloud service is not necessarily a binary proposition. Companies’ products can adopt more cloudlike behavior. Immunet’s service, for example, is not even mostly cloud, he says.

“It does feed back to a centralized database, so I think it has attributes of cloud,” Morris says of Immunet’s product. “You could say it is 70 percent [traditional] AV and 30 percent cloud. While Panda is 30 percent [traditional] AV and 70 percent cloud.”

Yet the services have the same overall goal: to make analysis faster and push the results to users more quickly. McAfee’s cloud technology is an offshoot from its quest to create a better automated analysis engine. Its Artemis Technology automatically analyzes up to 95 percent of all potential threats seen by McAfee’s users. Panda’s Collective Intelligence system crunches through some 37,000 potential threats every day, handling 99 percent of the work in classifying programs.

And while many services may not be completely cloudlike, especially to their competitors, most antivirus companies appear to be including at least the ability to get instant updates from online servers.

“What the antivirus industry is shifting toward is a data-mining problem more than an analysis problem,” Immunet’s Friedrichs says. “There are so many threats today that an analyst cannot analyze them all, so we are using data-mining techniques to find the needles in the haystack.”
