Collective Intelligence
  • … I've represented here the distributed systems of our users, which interact with your infrastructure, managed by PandaLabs, so that (click forward), if a new executable appears, it will provide some basic data (click forward), such as behavioral traces, date and time of first appearance, and so on. This information alone may not be sufficient to reach a determination, but if we see the same program (click forward) appearing in a different corner of the world, showing a different behavior, we can then correlate those two behaviors and have sufficient evidence… that the program was in fact malware (click forward), and we can instruct the agents (click forward) to block or eliminate the malicious code. Malware does not manifest its behavior all the time, so this approach allows us to become smarter and to detect malware much earlier. This is just an example of the benefits of using this approach. It is important to note that we do not collect personal information, and that based on the specific data we receive, we cannot trace users; you would always need an ISP to be able to do that… In essence, we get global visibility about the activities of malware, and by connecting sensors to our infrastructure we can continuously correlate the different pieces of data, which results in automatic classification of files in a totally transparent fashion. We believe that, most of the time, users cannot take informed decisions when security products ask them what they want to do with a program. That is why we believe that security should become a transparent, but always present, component in their computing experience. TRANSITION TO NEXT SLIDE: overcoming the limitations of the predominant model today, the “local” approach, is what we are doing…

Transcript

  • 1. [Slide diagram labels: Runtime Packers File Infector Clustered Grafos Emulation Multi-scanner Installers Clustered Grouping Heuristics Behavioral Sandboxing Correlation]
    Over 20,000 new files are imported every day into PandaLabs. These come from customers, competitors, honeypots, CERTs, malicious URLs, online scanners such as VirusTotal, Jotti, etc. When a PC protected by Panda encounters a new file which is not detected by local signatures, heuristics or behavioral analysis, its “behavioral traits” are extracted and analyzed remotely by the PandaLabs Collective Intelligence cloud to determine if the new file is malicious or harmless. New viruses and malware are detected and blocked remotely and automatically, almost in real time, without having to send the file to the lab for manual analysis and wait for an answer. The result is that customers are protected against new malware much faster than with traditional signature update approaches.