Glaswegian

Symantec is to use the 'wisdom of the crowds' and introduce reputation-based security in the next version of its Norton Antivirus 2010 product.

The software, due out at the end of August, the company will be using information gathered under its Community Watch programme.

Gerry Egan, Symantec product management director said that the problem that the company faced was that the old way of checking for anti-viruses was inefficient. "There are two approaches: blacklisting works well with files that you know are bad, and whitelisting, which works well with files that are known to be good - but these don't work so well in the middle - it was clear that we needed a new model."

Egan said that since 2007, Symantec had been working on the idea that the wisdom of the crowds would fill the gap

"We already use this approach for things likes books, music and films, we're happy to be guided by other people's opinions. We're using a variant of that." He added that Symantec didn't ask the individual users themselves. "To a user it's not obvious what is safe: Some threats are silent, sometimes the user doesn't know they're there, some threats infect legitimate process while other threats pretend to be legitimate."

He said that this reputation-based approach worked by constantly surveying the data being gathered from users without any need for human interaction. "We've devised our own algorithm within Symantec that takes the data from the 30 million users who have signed up to Community Watch and calculates whether every individual program is safe or not," said Egan.


http://www.techworld.com/security/ne...&NewsID=118105