Reaction time

Discussion in 'other anti-virus software' started by VikingStorm, Mar 5, 2004.

Thread Status:
Not open for further replies.
  1. VikingStorm

    VikingStorm Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    387
    http://www.kaspersky.com/news.html?id=146126048

    "Russian antivirus service tops the tables in independent German study


    Virus threats on the Internet are steadily increasing. Given this, the speed at which antivirus developers react to new viruses is a crucial factor in the effectiveness of any information security system. There have been several massive virus attacks since the start of 2004, each more destructive than any seen before.

    In connection with this, a well-known research group from Magdeburg University, AV-Test.org conducted independent research to establish the reaction time of antivirus developers to new malicious code. This research was designed to discover the average time taken to release an anti-virus database update from the moment a new virus is first detected. The recent notorious viruses, Dumaru.y, Mydoom.a, Bagle.a and Bagle.b, which are all detected using heuristics, were used as controls.

    This analysis is more objective than traditional comparative testing carried out by IT publications and research centres. Such tests use collections of older viruses, detected over a month prior to the start of testing, to determine the efficacy of antivirus products. This means that the most important factor in the quality of an anti-virus solution is overlooked: reaction time. It is this specific feature which determines the reliability of protection against new threats. The research carried out by the group from Magdeburg University clearly illustrates the actual quality of antivirus systems, which in turn determines the level of information security as a whole.

    For maximum accuracy in analysing the speed at which antivirus database updates are released, the researchers used dedicated script programs. These scanned the developers' servers every 5 minutes for new updates. The mean results of all data received showed that Kaspersky Labs was the quickest in responding to new virus threats.

    The results of the experiment ranked antivirus developers as follows:

    1. Kaspersky Labs
    2. Bitdefender
    3. Virusbuster
    4. F-Secure
    5. F-Prot RAV
    6. AntiVir
    7. Quickheal
    8. InoculateIT-CA
    9. IkarusšAVG
    10. Avast
    11. Sophos
    12. Dr. Web
    13. Trend Micro
    14. Norman
    15. Command
    16. Panda
    17. Esafe
    18. A2
    19. McAfee
    20. Symantec
    21. InoculateIT-VET

    In addition to the above, Kaspersky Labs was also praised for the frequency with which standard antivirus database updates are released. Users of Kaspersky Anti-Virus can automatically receive updates via the Internet every three hours, round the clock, thereby providing them with greater security.

    The data presented below confirms the undisputed right of Kaspersky Labs to the victor's crown:

    Standard regular update release intervals.š

    AntiVir (H+BEDV) 5 - 6
    Avast! (Alwil) 2
    AVG (Grisoft) 2
    BitDefender 3 - 4
    Command 2
    Dr.Web 6
    eSafe (Aladdin) 5
    eTrust (CA) 4 - 5
    F-Prot (Frisk) 4 - 5
    F-Secure 6-7 6 - 7
    Ikarus 4
    Kaspersky Labs about 20*
    McAfee/NAI 1
    Norman 2
    Panda 7
    Quickheal 4
    Sophos 4 - 5
    Symantec 1 - 2
    Trend Micro 2 - 3
    VirusBuster 4 - 5


    *data for December 2003. Since December 2003 the number of regular updates per week is 56.

    Kaspersky Labs' leadership is significantly strengthened by the introduction of Rapid Virus Response, a new antivirus database update release technology. This was launched in December 2003, and since then Kaspersky Anti-Virus users have had access to 56 regular updates a week. This figure does not include urgent updates which contain a cure for new viruses judged to be of maximum danger.

    It should be noted that all Kaspersky Labs antivirus database updates undergo complex testing for compatibility with a wide range of operating systems and configurations prior to release. Many antivirus developers provide their users with beta-versions of antivirus database updates, which have not been tested for compatibility and which can seriously damage system performance. All in all, Kaspersky Labs is not only the fastest when it comes to reacting to new viruses, but users are also offered maximum protection."

    Well, it's as expected.
     
  2. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Are the vendors missing from list missing because they didn't update at all or missing because they weren't tested?
    Steve
     
  3. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    I think they were just not tested. Or are even better? When I remember the timings for Baggle worm detection some weeks ago (which I think is based on the same source here) NOD32 was missing because it didn't needed a special detection signature due to NOD32's heuristic which made NOD32 the fastest of course. ;)

    wizard
     
  4. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    And the ESET?
     
  5. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    And dont that is the answer really(although for the viruses mentioned NOD would be fastest) the list is supposed to take into account regular updates,if certain vendors are not included its seems another way that test results can be "massaged" in favour of certain products.I know KAV are very speedy with updates but so are NOD :-looking at that list you'd think they didn't bother at all!
    I remember years ago in GB that a certain speaker manufacturer(Proac/Celef:-one of the very best!) stopped letting certain Hi-Fi mags review there products because they thought/knee reviews were being written to favour certain other products because of 1)Magazine revenue from advertising(Proac rarely advertised)
    2)Brainwashing(loosely used) of certain reviewers
    I can see a similar trend hapenning in computing where certain reviewers favour the same vendor time after time no matter what the catagory(look at editor choice over at CNET
    :- Norton cant seem to put a foot wrong!
    (there I've got that of my chest!!)
    Steve
     
Loading...
Thread Status:
Not open for further replies.