Email this page Print this page Give us your feedback
Panda Security China » Antivirus Software » Products » Collective Intelligence
Collective Inteligence

综合智能

对您电脑造成最小程度的影响,获取最高程度的保护。

熊猫安全的综合智能是一个在线实时数据库。里面存储了大多数的签名文件,而在终端仅保存少数签名文件。每个熊猫软件用户都是新恶意软件的感应者,他们可以把流行恶意软件的数据发送至云端。这个新方法大大减少了用户电脑的带宽占用,并且能提供更快、更全面,更新的保护。

“迄今为止,熊猫安全公司是唯一家拥有(综合智能)技术的最大安全厂商 … 反病毒公司如果至今还没有计划相当于现在100倍的恶意软件数量,而采取相应措施,那么这些公司还没有仔细思考过这个问题。”
来自杨基集团对综合智能的报道(2007年12月)

自2007年综合智能技术开始投入使用,已经为许多熊猫用户保驾护航。这个技术让熊猫公司搜集病毒样本的数量,相当于传统杀毒软件公司的10倍。

熊猫安全公司是第一个研究出这种技术和机制,知识和经验,也是最早将综合智能技术运用到商业产品之中。熊猫2010新个人版产品就是基于综合智能而开发的,这个系列新产品的亮点归结为一句话就是:对您电脑造成最小程度的影响,获取最高程度的保护。

  

Best proactive detection

综合智能让恶意软件的检测,和主动防御最新威胁的流程,完全自动化。

We’d like to invite you to read the next pages and find out more about Collective Intelligence, its fundamentals, a simple description of the way it works and the outstanding benefits for the Panda 2009 product users.

Malware Landscape “Collective Intelligence” Fundamentals|User Benefits

Current malware is invisible, silent and most importantly, financially motivated. Security has moved beyond protecting your computer to protecting your identity. Today it is not only about computer security, it is about identity protection.

Cyber-crime is migrating from amateurs to professionals working for organized crime rings. These criminal enterprises are so efficient and confident that they operate like legitimate businesses.

The number of malware variants is growing exponentially while the number of computers infected by each sample is decreasing. The gap between created and detected malware keeps increasing.

 AV-Test.org's Sample Collection Growth
Malware collected per month – AV-

As a result, security solutions solely based on continuously updated signature files cannot keep up with malware growth. They are no longer sufficient to guarantee users’ security.

Malware Landscape “Collective Intelligence” Fundamentals User Benefits

  1. Collection of data from the community. The system centrally collects and stores behavioral patterns of programs, file traces, new malware samples, etc. This data comes from Panda users and from other organizations. This extensive capacity to collect information provides greater visibility and full traceability of new malware techniques and distribution points.
  2. Automatic leverage of data. The system automatically analyzes and classifies the thousands of new samples received every day. To do this, an expert system correlates the data received from the user community with PandaLab’s extensive malware knowledge base. The system automatically returns verdicts (malware or goodware) on the new files received, thereby protecting users faster and better. Additionally, a constantly updated white list of over 10 million files prevents known ‘good’ files from being scanned, improving and speeding up the scanning process and minimizing the resource consumption of protected systems.
  3. Making the knowledge and solution available. This knowledge is delivered to users as web services or through signature file updates and real-time queries to the cloud.

The Collective Intelligence approach allows detecting much more malware than the manual detection system that some laboratories use. Also, it can detect even threats not yet identified. Combining Collective Intelligence and TruPrevent technologies. Panda is capable to detect the most sophisticated malware.

The fundamentals of the “Collective Intelligence”

Malware Landscape|“Collective Intelligence” Fundamentals User Benefits

 

PANDA 2009 retail products

Traditional antiviruses

Improved Detection

Each Panda customer acts as a malware sensor. As soon as a malicious process is detected on a user’s PC by the Collective Intelligence servers, all users worldwide automatically benefit from that specific detection in real-time. This results in close to real-time detection -not only of initial malware outbreaks- but also of targeted attacks aimed at infecting a small number of users to stay below the radar.

NOTE that this model does not present any privacy issues, since no personal information is sent from the user’s PC to the Collective Intelligence server.  In other words, there is no data transfer; only queries are sent from the user’s PC to the CI server.

Traditional antivirus solutions are architected with a PC-centric philosophy. This means that a PC is treated as a single unit in time and any malware detected within that PC is considered separately from the rest of the malware samples detected in millions of other PCs.

Improved Desinfection

Automated, short-lasting processing and classification. Thanks to the Collective Intelligence infrastructure, the malware collection, classification and remediation processes are automated and performed online for the vast majority of strains.

Semi-manual, long-lasting processing and classification. Each new malware sample needs to be sent to the lab by an affected user, reversed engineered to create a detection signature and disinfection routine, sent to quality assurance for testing, uploaded to production servers, replicated worldwide, and finally downloaded and applied by customers.

Improved Detection & resource consumption

No resource limitation. The scanning power used at the Collective Intelligence servers is only limited by hardware and bandwidth scaling. With Collective Intelligence, the majority of malware samples can be analyzed and classified automatically with the most resource-intensive proactive techniques in a matter of minutes. Most processes are performed ‘in the cloud’ and not on the customers’ PC, where fewer resources are available.

Traditional antivirus solutions perform the scanning processes on the users’ PCs, taking up a lot of their limited resources. This prevents them from being able to use resource-intensive proactive techniques.

Improved Detection & resource consumption

The automated malware remediation module automatically creates detection and disinfection signatures for the samples previously analyzed by the processing and classification module. Most signatures do not need to be downloaded to each customer as they operate from the cloud.

With traditional antivirus solutions, remediation is done semi-manually. Also, all signatures need to be downloaded to the customer, consuming bandwidth and memory resources.

Continuous improvement of protection tools.

The community feature of Collective Intelligence provides full visibility and traceability of the new malware techniques and distribution points. This knowledge allows Panda to continuously improve customer protection, and has some interesting applications and benefits for law enforcement efforts.

Traditional antivirus suppliers have partial visibility and limited traceability of malware and therefore cannot improve their products as quickly as necessary. The protection offered by their products gets worse every day.

Improved Detection & resource consumption

Panda Security’s Collective Intelligence platform includes a white-listing component that complements and improves black-list detection reducing false positives and scanning and processing times.

Traditional antivirus solutions need to scan all files, including ‘good’ ones, and therefore consume more system resources with more false positives.

For detailed information, please read from traditional antivirus to collective intelligence, by Panda Research.

Placeholder for Fifth Card Tab. Afected by DivMain, DivBody, DivCentral-Int, DivContent & DivCard5
Placeholder for Sixth Card Tab. Afected by DivMain, DivBody, DivCentral-Int, DivContent & DivCard6