I have always been amused at people talking about the death of the antivirus industry. It has supposedly been dying for decades and it is still around and growing.
What amuses me even more is how people can sound so knowledgeable about how antivirus works and why it is doomed to fail. What is especially amusing is precisely how they get all their facts wrong.
I was busy reading about GPU (Graphics Processing Unit)-based supercomputers and their uses when I came across an interesting paper on how to use a GPU to speed up antivirus software. So I read it and had my un-epiphany.
The paper was describing how to use a GPU to speed up ClamAV. It used a lot of the same terminology that people use to say that antivirus is dead. So it occurred to me that people look at ClamAV and assume that is how all commercial antivirus products work.
I did not know whether I should laugh or cry.
When people ask me whether ClamAV is any good or not, I just have one answer: Does it detect the Wildlist? The answer is no. Virtually every commercial antivirus product out there detects the vast majority of the Wildlist most of the time.
Real antivirus products are significantly more complex and advanced than ClamAV can ever be. ClamAV probably represents the status of commercial products 15+ years ago. The technologies that can be seen in the real products are really very impressive, constantly changing and growing.
I have a hard time comparing our own technology with what you would find in ClamAV. It is like comparing a racing car to a grape. Modern scanning engines have different layers of detection, multiple heuristic engines and multiple emulators for both executable code and scripting languages. The scalability and efficiency of modern antivirus engines, given the massive volumes of data they are processing, are astonishing.

Good technology can be beautiful. It can be art. It takes a geek to see and acknowledge it and it is an incredibly difficult concept to explain. Modern antivirus engines are art. Balancing flexibility, scalability and detection rates is an intricate dance that takes a group of extremely intelligent people years to perfect and tune.
Posted on 17 March 2011. Tags: Antivirus, AV, clam, GPU
The above information is reprinted from and copyrighted © by Commtouch Cafe.