Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Uses Reputation To Detect Malicious Downloads

Posted by samzenpus on from the If-you-lie-down-with-dogs-you-get-up-with-fleas dept.

CowboyRobot writes "Using data about Web sites, IP addresses and domains, researchers find that they can detect 99 percent of malicious executables downloaded by users, outperforming antivirus and URL-reputation services. The system, known as Content-Agnostic Malware Protection or CAMP, triages up to 70 percent of executable files on a user's system, sending attributes of the remaining files that are not known to be benign or malicious to an online service for analysis, according to a paper (pdf) presented at the Network and Distributed System Security Symposium (NDSS) in February. While the system uses a blacklist and whitelist on the user's computer to initially detect known good or bad files, the CAMP service utilizes a number of other characteristics, including the download URL, the Internet address of the server providing the download, the referrer URL, and any certificates attached to the download."

5 of 61 comments (clear)

  1. Business karma by jbmartin6 · · Score: 4, Interesting

    It is interesting to see how karma works in the business world. Microsoft has been doing this for quite some time, with a few differences in implementation. But when Microsoft does it, we see that they are spying on us. When Google plays catch up, it grabs headlines for fighting malware.

    --
    This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    1. Re:Business karma by 14erCleaner · · Score: 4, Informative

      As TFA notes, Microsoft sends information on all scanned files back to a central server, but Google does local evaluation and only sends back info on suspected malware. From a privacy standpoint, there's a big difference between the two.

      --
      Have you read my blog lately?
    2. Re:Business karma by LordLimecat · · Score: 3, Insightful

      This is the huge irony of Microsoft et al trying to create panic over Google's privacy issues; of all the large online service providers, Google is up there as one of the best in regards to reliability, privacy, etc.

      But no, lets all ditch Google for Bing because of privacy issues. Everyone knows that Bing is lots better (when theyre not cooperating with the Chinese gov't).

  2. False positives? by pablomme · · Score: 3, Insightful

    1% of false negatives is good, but how about false positives?

    --
    The state you are in while your HEAD is detached... - wait, what?
    1. Re:False positives? by dcollins117 · · Score: 4, Funny

      1% of false negatives is good, but how about false positives?

      That's the other 99%