Error opening template: advertisement/zones/468x60_generic.tplError opening template: advertisement/zones/728x90_leaderboard.tplError opening template: advertisement/zones/728x90_bottom_ad.tplError opening template: advertisement/zones/300x250_right_ros_up.tplError opening template: advertisement/zones/300x250_right_ros_down.tplError opening template: advertisement/zones/160x600_left_nav.tplError opening template: advertisement/zones/160x600_right_nav.tpl Are Malware Test Files Useful?

Are Malware Test Files Useful?

Several of the major anti-malware developers frequently participate in independent tests conducted by Virus Bulletin. Numerous companies have received VB 100 certification, including Sophos and Symantec. Since many products on the market today are effective, some have posed the question of how useful malware test files really are. We have discovered some information that will shed light on the subject and hopefully answer this question

False Positives

Earlier this year, each of the three anti-malware products submitted by Trend Micro into Virus Bulletin's independent test produced failed results because of false positives. A total of 20 products were submitted, with six generating false positives when scanning a batch of known clean files. Aside from Trend Micro, other products that failed to meet requirements for VB 100 certification were FortiClient, Ikarus Utilities and VirusBuster.

As one of the big four anti-malware developers, Trend Micro's products falsely identified a Microsoft development tool as a piece of spyware. The test files were the first conducted by Virus Bulletin on the 64-bit Windows Vista system. The malware test files included were known to be clean and chosen from the "most popular" lists on various free download sites.

The Detriment of False Positive Alerts

The fact that some of today's best software resulted in such an upsurge of false positives raises huge concerns. False detections can actually stir up as much chaos as genuine malware, causing end users to panic and needlessly delete legitimate files under the assumption they are being attacked. The results of such a situation can be very damaging. According to John Hawes, senior consultant at Virus Bulletin, most products that failed with the malware test files showed a significant reliance on heuristic detection techniques. He goes on to say that anti-malware developers have a long way to go if they expect to minimize this alarming number of false detections.

In February of 2007, Microsoft received criticism from all angles after their OneCare conumser AV software failed to meet the requirements for VB 100 certification when tested on the 32-bit Windows Vista platform. In the most recent test, ForeFront, their enterprise product, gave a strong performance and was awarded VB 100 certification on the 64-bit Vista platform.

Requirements for meeting VB 100 status calls for anti-virus products to scan test files of numerous viruses from the "in the wild" list, strains that are known to be circulating on systems around the world. In order to earn VB 100 certification, these products must be able to detect 100% of the malware categorized in the wild, all without generating any false positives when scanning a set of clean files.


Are malware test files useful? Companies like Trend Micro and Microsoft would respond with a resounding yes. An outbreak of false positives resulting from different programs would be an absolute nightmare for the industry. Unfortunately, three more anti-virus developers recently failed to meet VB 100 requirements for malware detection on Windows XP. This is clear evidence that the struggle continues.

Log in or sign up to comment.

Post a comment

Log in or sign up to comment.
Identity theft comes in many forms.

A person\92s identity can be 'borrowed' for the purpose of creating fictional credit cards or a person\92s entire identity can be usurped to the point where they can have difficulty proving that they really are who they claim to be.

Up to 18% of identity theft victims take as long as four years to realize that their identity has been stolen.

There are many ways to protect your personal identity and many steps you can take to prevent your identity from being stolen:

*Never give out unnecessary personal information
*Never provide bank details or social security numbers over the Internet
*Always remain aware of who is standing behind you when you type in your personal credit codes at ATM machines and at supermarket checkout swipe machines.