AVAST Software: Detection is faster when FileRep knows all the clean files

The FileRep feature in the new avast! 7 accelerates malware detection thanks to its “in-the-cloud” database of clean files, improving detection of new and emerging threats.

“Once a new file has been opened a few hundred times, we have a good idea if it is malicious or not,” said Ondrej Vlcek, CTO of AVAST Software. “Then we communicate this information with all of our users.”

FileRep incorporates an “in-the-cloud” database of files to help the antivirus scanning engine make more intelligent decisions as it flags potential malware. The FileRep database includes several billion executable files with additional files added daily. The FileRep feature is included in all avast! 7 variants including avast! Free Antivirus and the premium Internet Security.

Two key data categories tracked in FileRep are file age (emergence) and the number of computers that have already opened it (prevalence). Additional data categories tracked in FileRep are file distribution, the source URL, and digital signature status. The data is contributed anonymously by CommunityIQ members, the avast! user network of sensors.

FileRep is designed to counter the growth in polymorphic malware where every user gets an “individualized” version which traditional signature and heuristic AV techniques have a hard time identifying. FileRep data drives the decision to place suspicious files in the avast! AutoSandbox.

“By identifying the good as well as the bad files, we are flipping the security equation on its head,” said Mr. Vlcek. “This reduces the risk from new ‘zero-day’ threats and helps us more effectively utilize the experiences of our users.”

The new avast! 7 is coming and we would like to tell you about it. If you will be in San Francisco at the RSA Security Conference 2012, please join us on February 29th for dinner and a look under the hood of the new avast! 7.