
AV Comparative Against Chinese Malware

May 10th, 2010 Pedro Bustamante

As many of you already know, a large portion of today’s malware is created and/or distributed from China. With that in mind, the independent Chinese AV testing lab PC Security Labs has published a comparative study of AV detection of Chinese malware. The comparative can be downloaded from here in PDF format.

Panda Internet Security 2010 did fairly well in this test, ranking first in both detection and overall score:
PCSL Chinese Malware 2010-05

The thing I like best about PCSL tests is that, unlike other tests out there, PCSL takes a unified look at the products tested. Not only does it look at static and dynamic (behavioural) detection, but also at static and dynamic false positives, combining everything into a single, unified, global score per product. Other tests only look at these different technologies separately from each other.

As some of you may remember, we started taking part in PCSL’s main AV tests in November 2008, and so far we’ve achieved an Excellent score in all the tests.

More info @ PC Security Labs website or at the main published report at http://article.pchome.net/content-1116841.html (Chinese only)

  1. May 27th, 2010 at 13:19 | #1

    Congratulations!
    Note: Did you receive this information via Twitter?

  2. May 29th, 2010 at 20:07 | #2

    Congrats! I am glad I am running PCA here in China, it will protect me very well as I see :)

  3. Daniel Schrader
    August 16th, 2010 at 05:26 | #3

    For full disclosure, I am with Symantec – but reading your post was the first time I heard about this test.

    I am confused, you compliment the test for “static and dynamic (behavioural) detection. . . ” but the test’s own report says:
    Test Methodology: On-demand scan (default setting) of malware package and clean file database and then calculate the detection rate and false positives

    That sounds like static file scanning – how does that test real time behavioral detection or HIPS or browser protections or sandboxing or any of the dynamic security technologies used by some vendors? This sounds like just another static file test – one with a very, very small sample size – with almost no information (in English at least) about the methodology, the test bed, or the quality of the sample set.

  4. Pedro Bustamante
    August 16th, 2010 at 07:48 | #4

    @Daniel Schrader Thanks for your comments, Dan. Like yourself, I am not a believer in static on-demand malware tests either. I think the confusion comes from the graph shown in my post, which only refers to the static portion of the test. This test (and all others I’ve seen from PCSL so far) is a 4-part test which consists of the following:
    * Static malware detection
    * Static false positives
    * Dynamic (behavioural) malware detection
    * Dynamic false positives
    The final score is determined “as a whole” rather than the sum of all parts. The graph above, and probably the part of the methodology you read, refers only to the first part. You can visit http://www.pcsecuritylabs.net or contact Jeffrey @ PCSL for the full methodology details. AFAIK PCSL is a member of AMTSO and one of the few AV testing labs doing regular behavioural tests (in addition to AV-Test, AV-Comparatives, etc.). Of course I’d be happy to share with you more details and/or contact info for PCSL should you want it (you can reach me at pedro.bustamante’at’pandasecurity.com).

  5. Abdullah
    August 16th, 2010 at 17:18 | #5

    Hi
    Does this version depend on cloud AV?
