Norton Insight Network: Past the 100 Million Mark

Discussion in 'other anti-virus software' started by Pleonasm, Apr 5, 2010.

Thread Status:
Not open for further replies.
  1. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    Norton Insight Network has achieved a milestone: over a hundred million files are now classified by Symantec’s community-based reputation algorithm as “known good files” (79%), “known bad files” (14%), or are in temporary state of “building reputation” (7%).

    That's an impressive resource, leveraged in behalf of protecting users against malware.
     
  2. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    What about Bits9?
     
  4. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA

    not a clue didnt even know they had something like that.
     
  5. Pleonasm

    Pleonasm Registered Member

    Joined:
    Apr 9, 2007
    Posts:
    1,201
    I may be mistaken, but I do not believe that the "99 million" number from Panda is comparable to the "100 million" number from Symantec. Panda appears to be counting the number of files analyzed, whereas Symantec is counting the number of unique files in its reputation database.

    For example, if 100 users analyzed a single new file, Panda would increment their "99 million" count by 100, while Symantec would increment their "100 milion" count by 1.

    It’s hard to be completely sure from a visual examination, but if you closely observe the “new file” count and the “analyzed” count on Panda’s Collective Intelligence Monitor webpage, it seems that the latter is incrementing more quickly than the former. If Panda was measuring the same quantity as Symantec, then those two counts should increment in unison.
     
  6. pbust

    pbust AV Expert

    Joined:
    Apr 29, 2009
    Posts:
    1,173
    Location:
    Spain
    This is incorrect. Our number does not mean "a file being analyzed by x number of people n times".

    We count "unique files analyzed" as well, so the 99.7 million number is comparable to the Symantec figure. When we say "analyzed" we mean that there was a complete analysis and determination of the files' behaviour (goodware or malware) by Collective Intelligence backend automated system.

    Edit:
    For comparison sake, here's our breakdown:
    - Known bad files: 57%
    - Known good files: 21%
    - Suspicious: 14%
    - Being analized: 8%
     
    Last edited: Apr 5, 2010
  7. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812
    Known bad+suspicious = 71% bad files with Panda , while Symantec had 79% good files

    As people might be able to see , the approach here is different . While Panda's aim is to get more and more bad files , Symantec collects a huge white list.SONAR is agressive against the others.Additionally , AFAIK Symantec plans to change their products (not in so recent future) so that the products will be able to kill everything that is unknown , with unproven or known bad reputation. This way we make a turn-back and Symantec will be counting the good files , not the bad ones. This is all because as they say , nowadays there are more bad files than good ones (as Panda's cloud system proves , too).

    This proves that the old signature system and generally the blacklist system (still used by the majority of vendors) is completely out-of-date.
     
  8. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA
    not a bad break down with panda i dont think.
     
  9. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567

    Great conclusion. ;)
     
  10. PC__Gamer

    PC__Gamer Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    526
    not bad,

    but 3 years ago, Prevx reached over 300 million known good/bad files in its cloud,

    Prevx's cloud is in the 'many billions' now.

    3 years ago, back in the stoneage for Prevx *lol*, they were adding 250,000 known good/bad files to its cloud PER DAY, so 3 years on, Prevx's cloud is where to be. :D
     
  11. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    So why don't you count that out > 250,000 a day under 3 years period, and tell us the result PC_Gamer.
    That's a great MIND GAME :D
     
  12. PC__Gamer

    PC__Gamer Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    526
    erm, that was 3 years ago so they may add more per day these days, i dont know :) , i Dont think they have an exact figure Swex, just 'in the many billions' :D

    im certainly not going to work anything out ;) *lol*
     
    Last edited: Apr 6, 2010
  13. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,060
    Location:
    New Delhi Metallo β-Lactamase 1
    These are all number games...God Knows what new technology will come up in future...
     
  14. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    According to Google 250,000 times 365 (days) times 3 is: 273 750 000

    273 millions 750,000 thousands hmm... quite a lot :D
     
  15. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,634
    Location:
    UK
    According to the page re: FileAdvisor, 6,543,548,689 files have been indexed so far. It doesn't say what percentage are bad or suspicious though.
     
  16. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    Over 6.5 billion (6,543,548,689) at the moment of posting this.
    Source: http://fileadvisor.bit9.com/

    Kaspersky has been using the bit9 databases since 2007 to supplement the development of KSN databases. Not sure about the raw total number of files in KSN though, but must be more than bit9's, in addition to signature white/blacklists of-course which can add thousands into the database.

    Overall, I think the actual number is insignificant. It's a supplement to overall proactive technologies, but actual proactive protection is what's important.
     
  17. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    Yep :)

    Kaspersky has been using the bit9 databases since 2007 to supplement the development of KSN databases. Not sure about the raw total number of files in KSN though, but must be more than bit9's, in addition to signature white/blacklists of-course which can add thousands into the database.

    Overall, I think the actual number is insignificant. It's a supplement to overall proactive technologies, but actual proactive protection is what's important.
     
  18. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Hello all :)
    While Prevx does likely have the largest cloud as we have many times more than the 100 million referenced by other vendors, it may be worth noting that the volume of files doesn't necessarily correlate with improved detection. It depends how the vendor uses the data and how protection is created - otherwise it is just a case of holding a very large signature/whitelist database centrally (which admittedly is useful but doesn't provide an additional level of protection). Counting unique files is helpful in some cases, but the better cloud-based vendors (Panda, Symantec, and a shameless self promotion for Prevx :)) do not base their detections on hashes, rather, significantly more intelligent signatures, rules, and logic are used to detect files. Therefore, while the number of files is high, the real value comes from how the data is leveraged.

    For instance, 100 million files can be created from a single user - just create 100 million copies of Notepad and run any well designed polymorphic file infector of your choice :) You'll quickly find 100 million new, completely unique files - services that claim billions of files are likely taking these into account and, counter-intuitively, Prevx tries to trim down the number of files in our database with smarter signatures which is why we don't show a count on our website.
     
  19. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    757
    How true
     
  20. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Very true
     
  21. AvinashR

    AvinashR Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    2,060
    Location:
    New Delhi Metallo β-Lactamase 1
    But i guess the pattern of infection was the same, and no company will gonna add that much of unique file in their database which will have the same pattern..
     
  22. skokospa

    skokospa Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    177
    Location:
    Srbija
    All the ads, who has the money for advertising who has paid money for first place in tests;who has the money to AV Comparatives https://www.wilderssecurity.com/showpost.php?p=1604827&postcount=8 has the ability to create and user opinions in any way.
    This "small" companies were left crumbs....big fish always eat the small:D
     
  23. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812
    Excuse me but if a vendor is that small and can't allow to pay fees to be part of testing , then this vendor deserves no attention from users or . It is simple - we live in a world where we can't allow to be with small vendors just from respect point of view.

    I have been part of the stupid game where security product is being sold almost free and no , this is not for me . You want quality and top service , then you pay for it .
     
  24. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    Erm... I beg to differ. Spending (wasting) money on pointless tests doesn't tell anything about the product quality. And yeah, all these tests are not reflecting reality - starting with Matousec and ending with AV Comparatives. They are not real world tests, they are a show-off for vendors who can afford them.
     
  25. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA
    now this thread has turned into who has the biggest database :rolleyes:
     
Loading...
Similar Threads
  1. ankupan
    Replies:
    7
    Views:
    1,319
Thread Status:
Not open for further replies.