VoodooShield ?

Discussion in 'other anti-malware software' started by CloneRanger, Dec 7, 2011.

  1. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,657
    Location:
    USA
    It says I have security updates installed for .net 4.5, but when I navigate to the installation folder there is only 4.0. I'm not being given an optional update to install 4.5 either.
     

    Attached Files:

  2. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool ;). Well, I think machine learning and Ai is going to play a huge role in malware detection in the next decade or two, and as accurate as it is, I do not think it is the silver bullet. You know how when you use speech recognition with Siri? Well, sometimes you get really odd results... like the other day I asked for driving directions to a place in town, and it was going to take me to Holland. Machine learning and Ai will get even better over time, but it will never be perfect... but that is why we need a lock ;). Now, if someone figured out a way to make machine learning and Ai perfect, there would be no reason to have VS ;). Or really anything else for that matter. And actually, the next few weeks, you will see VoodooAi get smarter and smarter, it is a work in progress, but I do not think it is possible to achieve much more than a 98% - 99% accuracy. That sounds impressive until you realize this... if you are about to board an airplane and they tell you that there is a 99% chance that it will not crash, what would you do?
     
  3. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
  4. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    BTW, if anyone has any ideas for repositories of known clean files, please let me know... we need it for training data. Malware packs are easy to find, but large quantities of known clean software, not so much ;).
     
  5. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,004
    Dan, I might be able to help. I have literally, over a hundred exes of the same software, that I have saved, when beta testing it. If interested, we can communicate further by PM or e-mail.
     
  6. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Thank you, I appreciate that! I forgot to mention that I need to find 25,000+ clean files or so... the more the better.
     
  7. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,004
    Oops....then I can't help!
     
  8. Gillor

    Gillor Registered Member

    Joined:
    Jul 12, 2013
    Posts:
    84
    Location:
    UK
    Choose another airline - the industry norm is one in 5.4 million not 1 in 100 :)

    98%-99% accuracy in identifying all files scanned or 98%-99% accuracy in correctly identifying malicious files?
     
  9. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Hehehe, I know, but IF there was a 1% chance of the plane crashing, is that acceptable?

    What number is acceptable when it comes to computer security? Should I be upset if my bank uses security software that is only 5%-87% effective for zero days, which makes me vulnerable to identity theft?

    Currently VoodooAi is around 98-99% accurate in identifying malicious files. In a week or so, after uploading all of the training data and retraining the models, it should be around 99% accurate for all files, including zero day malware. What is the industry average? I have seen this number range from less than 5% to 87%.
     
  10. void011

    void011 Registered Member

    Joined:
    Dec 22, 2015
    Posts:
    2
    How much is the size limit to upload? I tested VoodooAi with some samples and it like a charm ;)
     
  11. void011

    void011 Registered Member

    Joined:
    Dec 22, 2015
    Posts:
    2
    I think VoodooAi uploads raw metadata so the size of file usually doesn't matter, right?
     
  12. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you! And trust me, it is only going to get better. I am currently going through every version of windows, office, and other common programs, collecting safe files for training data... it will really help with the false positives for the safe files. You will notice that when VoodooAi detects a virus, the algorithms will have a probability of around .99xx or so. This is because there is A LOT more unsafe files currently in the training data than safe files... there are only around 7,500 safe files, and around 100,000 unsafe files. So hopefully it will all work out in the end, hehehe, it is hard to say for sure, but it is looking great. Either way, it will be another layer of protection that helps the user decide whether to allow a file or not.

    It would be nice to be able to get VoodooAi to the point where it is sooooo accurate that we can actually do full system scans, but I highly doubt it will ever be that accurate, since machine learning and Ai is prone to have oddball results every once in a while. But either way, I am going to try to make that happen ;). Then again, we can always check the oddball results against the 57 blacklist, right? So we have tons of options.

    Anyway, to answer your question, yeah, exactly, there really is no limit on file size, except I did notice that VoodooAi stumbled on a 3 gig file that snuck its way into the training samples. It is probably a quick fix.
     
  13. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    BTW, here are a couple of companies doing something similar with machine learning and Ai, they may be able to explain it better than I can ;). The difference is that VoodooAi will be publicly available for download, and not just for large enterprise corporations.

    I really think some cool stuff is going to come out of machine learning and Ai in the security industry. It has been a struggle to get it right, but I am getting close. It is not the silver bullet some people think it is, but it will at least limit what the malware authors can do, and make their "job" a little more difficult.

    http://www.deepinstinct.com/#/home

    https://www.invincea.com/products/cynomix/
     
  14. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, thank you! I had never heard of Valkyrie before, but it looks interesting... I will check it out some more. It looks like it uses behavior analysis, along with features they extract from the file. I am not sure if they are using machine learning and Ai to determine whether the file is malware or not, but it does look interesting!

    Thank you for the idea, but I am doing pretty well finding safe files, I appreciate it though. Also, I need the actual files in order to do the training.

    BTW, just for the heck of it, I scanned Valkyrie with VoodooAi, the results were 0.0036 and 0, so I am assuming it is a safe file ;). I scan everything now with VoodooAi, just to see the result ;). VS had 2 false positives on the blacklist scan, which I found to be interesting.

    Thanks again!
     
  15. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,098
    Location:
    Ontario, Canada
  16. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    I looked at Valkyrie a little more... I guess they released it a couple of weeks ago? It is just kind funny because Valkyrie and VoodooAi are somewhat similar in a few ways... but obviously we both have been working for months independently.

    I could not get the desktop app to scan my files, but I did submit some samples online, and it seemed to work really well. If someone knows how to get the desktop app to scan multiple files (or any file for that matter), please let me know... I would like to do some further testing to see how accurate it is. I checked it out for a little while and it is definitely cool and quite accurate from what I have seen in my limited test.

    Valkyrie and VoodooAi use a lot of the same file features, but I do not believe they are using machine learning or Ai yet, although it could be implemented without too much work, and would be a great addition to Valkyrie. If my algorithms turn out as well as I hope in a few days, maybe I will contact them and see if we can work something out ;). It is always cool to see what other people are working on, and what new ideas they have to fight malware... obviously not to borrow from them, but rather to appreciate their work ;). Happy holidays everyone, talk to you soon!

    Edit: I did a little more research and yeah, they are using machine learning and Ai in Valkyrie. So it is quite similar to VoodooAi, although it looks like they have been working on it for quite some time, like maybe since 2013? I was confused because it seems like most companies that are using machine learning and Ai seem to think they are the only ones who are using it, and they let you know ;). It has been around for 5 or so years now, mainly in academic studies. As powerful as it is, I am not sure why all of the security companies have not jumped on the bandwagon... they should ;).
     
    Last edited: Dec 23, 2015
  17. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
  18. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Valkyrie is used in Comodo Cloud AV (still in beta; stable expected in January) but so far they have not decided whether or not it would be implemented in CIS too.
    IMHO it should be....
     
  19. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Yeah, they should ;).
     
  20. VoodooShield

    VoodooShield Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    5,881
    Location:
    United States
    Cool, I see. So is this the CCAV that you are talking about?

    http://download.comodo.com/ccav/installers/beta/ccav_installer.exe
     
  21. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Yes, it is.
     
  22. TerryWood

    TerryWood Registered Member

    Joined:
    Jan 14, 2006
    Posts:
    979
    Hi Everyone

    Could do with a bit of advice please.

    I am using Voodoo Shield Free for about a week now and am very happy with it so far, however, just after bootup of my system (Win 7 SP1) it has just started to pop up a reminder asking me if I want to upgrade. It is now doing it after every boot up. Is this normal behaviour or is it the price one pays for it being free? Is there a way to stop the pop up until I am ready to decide whether to upgrade?

    Thanks

    Terry
     
  23. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,614
    Location:
    South Wales, UK
    Hi Terry

    I believe that is the 'price' one pays for using the freeware versions. From what I can see in the product comparison chart over at the website:

    VOODOOSHIELD FREE.......NO NAG SCREENS - NO
    VOODOOSHIELD PRO........NO NAG SCREENS - YES

    But at $19.99 for a year of protection + the added customisation features I would give go in 2016. ;)

    Regards, Baldrick
     
  24. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,024
    Location:
    Christchurch, UK
  25. hjlbx

    hjlbx Guest

    Comodo Valkyrie has been around for years. It was implemented, but then not long afterwards the project was abandoned\delayed until being resurrected within the past 6 months.

    I have no infos, but I suspect it was an issue of infrastructure, staffing, capacity, etc.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.