There is more malware than ever being released in the wild, and antivirus
companies relying on signatures to protect users cannot keep up with the pace of
creating signatures fast enough. As a result, the current installed base of
anti-malware solutions is proving to be much less effective against the vast
amounts of threats in circulation.
As we have been able to proof in a recent research study, even users
protected with anti-malware and security solutions with the latest signature
database are infected by active malware. Complementary approaches and
technologies must be developed and implemented in order to raise the
effectiveness to adequate levels.
This paper presents the fourth generation of security technologies by Panda
Security, called Collective Intelligence. The Collective Intelligence allows us
to maximize our malware detection capacity while at the same time minimizing the
resource and bandwidth consumption of protected systems.
The Collective Intelligence represents an approach to security radically
different to the current models. This approach is based on an exhaustive remote,
centralized and real-time knowledge about malware and non-malicious applications
maintained through the automatic processing of all elements scanned.
One of the benefits of this approach is the automation of the entire malware
detection and protection cycle (collection, analysis, classification and
remediation). However automation in and by itself is not enough to tackle the
malware cat-and-mouse game. With large volumes of malware also comes targeted
attacks and response time in these scenarios cannot be handled by automation of
signature files alone.
The other main benefit that the Collective Intelligence provides is that it
allows us to gain visibility and knowledge into the processes running on all the
computers scanned by it. This visibility of the community, in addition to
automation, is what allows us to tackle not only the large volumes of new
malware but also targeted attacks.
Available for download in PDF format.