A View from Robert Lemos

Antivirus Firms Look to Solidify Cloud Model

Cloud or not? Antivirus companies look for faster ways to detect malicious code, but are foggy on the exact definition of a cloud service.

  • September 1, 2009

In the search for better, faster antivirus detection, many companies are pursuing a “cloud” approach to the problem of identifying viruses and other malicious software. Yet, while most vendors agree that moving the analysis–or intelligence–of the product from the user’s computer to Internet-connected servers at a company’s facility–the “cloud”–is the essence of a cloud service, they disagree to what extent security firms have moved to the cloud.

“On the surface, it is hard to differentiate because people can use the term ‘cloud’ really frivolously,” says Oliver Friedrichs, CEO of startup Immunet. “When we talk about cloud, we are talking about fairly advanced cloud infrastructure and a real-time capability to look up applications to see if they are malicious.”

With Immunet entering the market last month, the competition is heating up. But even the definition of the market is up in the air.

In April, McAfee heralded its Artemis Technology, a service for automating analysis of viruses and other malware, as an effective way to improve antivirus. Later that month, Panda Security claimed to have the first free cloud antivirus solution–a claim that security firm Prevx lambasted a day later, labeling Panda’s product “bloatware with a fancy name.”

“If we weren’t the first, we believe we were one of the pioneers of having the agent watch for malicious behavior and activity and feed it back to our servers,” Prevx CEO Mel Morris says.

Morris argues that being a cloud service is not necessarily a binary proposition. Companies’ products can adopt more cloudlike behavior. Immunet’s service, for example, is not even mostly cloud, Morris argues.

“It does feed back to a centralized database, so I think it has attributes of cloud,” Morris says of Immunet’s product. “You could say it is 70 percent [traditional] AV and 30 percent cloud. While Panda is 30 percent [traditional] AV and 70 percent cloud.”

Yet the services have the same overall goal: to make analysis faster and push the results to users more quickly. McAfee’s cloud technology is an offshoot from its quest to create a better automated analysis engine. Its Artemis Technology automatically analyzes up to 95 percent of all potential threats seen by McAfee’s users. Panda’s Collective Intelligence system crunches through some 37,000 potential threats every day, handling 99 percent of the work in classifying programs.

And while many services may not be completely cloudlike, especially to their competitors, most antivirus companies appear to be including at least the ability to get instant updates from online servers.

“What the antivirus industry is shifting toward is a data-mining problem more than an analysis problem,” Immunet’s Friedrichs says. “There are so many threats today that an analyst cannot analyze them all, so we are using data-mining techniques to find the needles in the haystack.”

The latest Insider Conversation is live! Listen to the story behind the story.

Subscribe today
Already a Premium subscriber? Log in.

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe to Insider Premium.
  • Insider Premium {! insider.prices.premium !}*

    {! insider.display.menuOptionsLabel !}

    Our award winning magazine, unlimited access to our story archive, special discounts to MIT Technology Review Events, and exclusive content.

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

    Access to the Magazine archive. Over 24,000 articles going back to 1899 at your fingertips.

    Special Discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

    First Look. Exclusive early access to stories.

    Insider Conversations. Listen in as our editors talk to innovators from around the world.

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.