Home > Blogs > Cloud AV vs. Malware

Cloud AV vs. Malware

A recent study and presentation at USENIX is making some waves in the AV world as the researchers claim their CloudAV is 35% more effective than tradition AV (note the slight abuse of statistical data there - 35% more effective means AV is at 73% and CloudAV is at 88%). I don't dispute their stats, but my question is...so?

While CloudAV (essentially 12 AV products combined) is more effective than a single AV, their are some serious logic flaws in thinking CloudAV is going to protect the end user. In fact, if a company went 100% to CloudAV, I would guess they would get owned rather quickly.

First, CloudAV assumes all files will pass through their network - what about sneaker-net? 

Second, CloudAV does not take into consideration the impact that web based malware has. My Javascript malware won't show up in any AV solution, regardless of its name.

Third, 88% effective still leaves a lot of room for malware. Or to put it another way, would you play Russian roulette with a 1/10 chance of losing? 

So, while I applaude the idea and the thought process...there are some huge holes that need to be addressed before CloudAV ever protects my PC. I'll stick to my virtual machine + snapshots solution!

I should mention that I am part of the Airscanner crew, who does offer AV - along with numerous other security products...so, perhaps I am a bit biased? That said, I am also more informed than the average consumer.

Become an InformIT Member

Take advantage of special member promotions, everyday discounts, quick access to saved content, and more! Join Today.