Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

+ - Google Uses Reputation to Detect Malicious Downloads->

Submitted by CowboyRobot
CowboyRobot (671517) writes "Using data about Web sites, IP addresses and domains, researchers find that they can detect 99 percent of malicious executables downloaded by users, outperforming antivirus and URL-reputation services. The system, known as Content-Agnostic Malware Protection or CAMP, triages up to 70 percent of executable files on a user's system, sending attributes of the remaining files that are not known to be benign or malicious to an online service for analysis, according to a paper (pdf) presented at the Network and Distributed System Security Symposium (NDSS) in February. While the system uses a blacklist and whitelist on the user's computer to initially detect known good or bad files, the CAMP service utilizes a number of other characteristics, including the download URL, the Internet address of the server providing the download, the referrer URL, and any certificates attached to the download."
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Google Uses Reputation to Detect Malicious Downloads

Comments Filter:

"Why waste negative entropy on comments, when you could use the same entropy to create bugs instead?" -- Steve Elias

Working...