EICAR 2009, 12 May 2009 Checkvir Realtime Anti-Malware Testing and Certification Dr. Ferenc Leitold, Veszprog Ltd.

Presentation transcript:

Contents
- Purpose of Checkvir testing
- Testing methodology
  – Technical background
  – Testing procedures
- Current state
- Difficulties
- Questions

Purpose of Checkvir testing
Number of updates / day (source: AV-Test.org):
AVG          1,7
ESET         2,6
F-PROT       1,2
F-Secure     5
Kaspersky    23,2
McAfee       35,4
Panda        44,7
Sophos       5,4
Sunbelt      0,6
Symantec     233,4
VirusBuster  1
Problems:
- Big number of updates
- Cloud technology
- Solutions are continually changing
- Testing all versions is impossible

Purpose of Checkvir testing
Testing all versions is impossible:
- Execute tests as frequently as possible
- Automatic methods have to be developed
- A big number of computers has to be used

Purpose of Checkvir testing
The main purposes:
- Provide reliable, correct and exact information, mainly about:
  – effectiveness
  – performance
  in a balanced way (AMTSO’s principle)
- Provide naming cross-reference information
[Figure labels: performance, effectiveness]

Testing methodology
[Flowchart with two phases labelled "update" and "test". Box labels: Unpack previous image; AV update; New version? (yes / no); Pack and save the new image; Unpack last image; Initialize testing; Execute test(s); Save results and reports; Analyze results; Publish results]

Testing methodology
Technical background
[Diagram labels: clients, “malware proxy” server, webserver, controller, archiver, firewall, firewall & router]

Testing methodology
Testing procedures
- Malware knowledge (detection, disinfection)
  – against known, unknown malware and clean files
  – on-demand, on-access and proactive executions
- “Container” checking capabilities
  – archives, clients’ data files, …
- Speed
  – on-demand, on-access
  – boot time
- Functionality
- Stability
- …
[Figure labels: speed, knowledge]

Testing methodology
Testing procedures
Why is speed so important?

Testing methodology
Testing procedures
Testing bootup time
What is more important? BOOTUP TIME or SECURE BOOTING
DEMO

Testing methodology
Testing procedures
Bootup protection test
Products: Avast, AVG, Avira, Bitdefender, Eset, e-Trust, F-Prot, F-Secure, Fortinet, Ikarus, Kaspersky, Microsoft, Rising, Sophos, Symantec, Trend Micro, VirusBuster

Testing methodology
Proactive tests vs. AM cloud technology
Problems:
- AM products use cloud technology -> traffic should be allowed
- Malware uses cloud technology -> traffic should be allowed
  -> How can we protect the world?
  -> How can we provide exactly the same environment for solutions?

Testing methodology
Proactive tests vs. AM cloud technology
[Diagram labels: clients, “malware proxy” server, webserver, controller, archiver, firewall, firewall & router]

Testing methodology
Settings
- By default, DEFAULT settings are used
- Minimal functionality is required:
  – Execute tests without user interaction
  – Automatically clean the infected file (if not possible -> delete)
  – Report file generation

Current state
What is working now?
- The frame system
- The website
- Automatic procedures of some products
- Preliminary selection and validation of the samples

Difficulties
- Viewpoint of the average user
- Automatic methods
- Testing environment
- Functionality problems
  – Truncate report file
- Stability problems

Questions