A group of scientists at the University of Michigan has recently unveiled studies that could put an end to malicious software and spam. The new approach to security moves the functionality of traditional antivirus software off users' machines and into the cloud, as a way to deal with the majority of problems that common antivirus products cannot solve. The cloud antivirus is a program that doesn't have to be installed on users' computers in order to protect them from malware. Instead, it is hosted on the Internet, like all cloud computing applications.
The breakthrough lies in the fact that, while ordinary security solutions check files as they are being accessed, CloudAV, as the University of Michigan calls its product, analyzes files as they are received and notifies users of each document's security level before they open it. While known antivirus products cannot operate together on the same machine because of incompatibilities and resource constraints, CloudAV can use up to 12 programs in order to offer invulnerable protection from malware.
"CloudAV virtualizes and parallelizes detection functionality with multiple antivirus engines, significantly increasing overall protection," said Farnam Jahanian, professor of computer science and engineering in the Department of Electrical Engineering and Computer Science. "CloudAV also caches analysis results, speeding up the process compared with traditional antivirus software. This could be useful for workplaces, for example, where multiple employees might access the same document. The new approach also includes what the developers call 'retrospective detection,' which scans its file access history when a new threat is identified. This allows it to catch previously-missed infections earlier," the researcher added.
The development of the project followed a series of tests performed with 12 of the most popular traditional security tools: Avast, AVG, BitDefender, ClamAV, CWSandbox, F-Prot, F-Secure, Kaspersky, McAfee, Norman Sandbox, Symantec and Trend Micro. The University of Michigan scientists learned that, on average, only 35% of the most recent threats could be detected by these security solutions. Another shortcoming of traditional antivirus products was that they failed to detect the latest samples of malicious code for as long as seven weeks.
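The multi-engine scanning, result caching and retrospective detection described in the article, as an added Python example that is not CloudAV's own code: each engine is modeled as a set of known-bad SHA-256 digests, and the class, method, engine and host names are assumptions made for illustration.

```python
import hashlib
from concurrent.futures import ThreadPoolExecutor

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class CloudScanner:
    """Toy in-network scanning service: several engines, a verdict cache, an access log."""
    def __init__(self, engines):
        self.engines = engines  # name -> set of known-bad digests (stand-in for a real engine)
        self.cache = {}         # digest -> names of engines that flagged the file
        self.history = []       # (host, digest) for every file any host received
        self.engine_runs = 0    # counts engine invocations, to show the cache working

    def _scan_all(self, digest):
        # Run every engine in parallel; a file is malicious if any engine flags it.
        def run(item):
            name, signatures = item
            return name if digest in signatures else None
        with ThreadPoolExecutor() as pool:
            hits = {n for n in pool.map(run, list(self.engines.items())) if n}
        self.engine_runs += len(self.engines)
        return hits

    def submit(self, host, data):
        """Called when a host receives a file, before the user opens it."""
        digest = sha256(data)
        self.history.append((host, digest))
        if digest not in self.cache:          # first sighting anywhere: full scan
            self.cache[digest] = self._scan_all(digest)
        return bool(self.cache[digest])       # True means "flagged as malicious"

    def add_signature(self, engine, digest):
        """Retrospective detection: a new signature is checked against past accesses."""
        self.engines[engine].add(digest)
        self.cache.pop(digest, None)          # the cached 'clean' verdict is now stale
        return sorted({h for h, d in self.history if d == digest})

def demo():
    # Constructed sample files and hosts.
    doc, dropper = b"constructed: shared report", b"constructed: unknown dropper"
    svc = CloudScanner({"engine_a": set(), "engine_b": set()})
    first = [svc.submit("host-1", doc), svc.submit("host-2", doc)]
    runs_after_shared_doc = svc.engine_runs   # 2: the second access hit the cache
    missed = svc.submit("host-2", dropper)    # no engine knows the file yet
    exposed = svc.add_signature("engine_b", sha256(dropper))
    return first, runs_after_shared_doc, missed, exposed, svc.submit("host-3", dropper)

if __name__ == "__main__":
    print(demo())
```

The list returned by `add_signature` is the set of hosts that received the file while every engine still considered it clean, which is the population an incident responder would need to examine.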