Volume of threat: the AV update deployment bottleneck
Wei Yan, Trend Micro
Anthony Arrott, Trend Micro
As cyber criminals continue to advance their malware development skills, the security industry has responded with new
technologies to combat the new threats. Most recently, however, the cyber criminals have exploited an inherent weakness
in the traditional security industry approach to AV protection. As AV solution vendors discover new threats and develop
countermeasures, newly acquired threat knowledge must be deployed to all the protected computers and networks. In the last
two years, the perpetrators of digital threats have increasingly automated the processes of producing new unique threat
variants. On average, over 2,000 new unique malware threats are introduced to the Internet every hour. It now takes less
than a week to produce the entire malware output of 2005.
As the flow of new threats increases, the timely deployment of
AV pattern files to protected systems all over the world is becoming overwhelmed. Various responses by AV solution vendors
to this assault are examined and compared, especially with respect to minimizing deployment delays and network resource
utilization costs.