IE easily beats Chrome, Firefox, Safari in malware detection

By Antone Gonsalves, InfoWorld |  Security, Internet Explorer, web browsers

Microsoft's combination of application reputation technology and URL filtering gave Internet Explorer a malware block rate that blew pass Google Chrome, Mozilla Firefox and Apple Safari.

The latest tests from NSS Labs showed IE with a 99.9% block rate for what the security tester calls socially engineered malware (SEM). Chrome had a rate of 70.7% while Firefox and Safari hovered around 4%.

In general, SEM includes all malware that a computer user is tricked into downloading on the Web through a malicious link in an email, instant message or other vehicle. Malware delivered as an email attachment is excluded.

Microsoft and Google use a combination of application reputation technology and URL filtering in detecting malware. The difference is Microsoft relies more on URL filtering, while Google does the opposite.

"They both use the same approaches, but the recipes are different," Randy Abrams, research director at NSS Labs, said.

The low rates of Firefox and Safari are due to the browsers only using Google's URL filtering through its Safe Browsing service available to application developers, Abrams said. Neither browser uses an application reputation system, which scans all downloads for attributes that indicate malware.

Chrome's latest block rate was substantially lower than the previous NSS Labs test, when the browser's score was 83.17%. Abrams did not know the reason for the significant drop, but suggested two possibilities.

Google might have lowered the aggressiveness of its application reputation system, if it was preventing too many legitimate applications from being downloaded. Another possibility is hackers have profiled how the system works and have figured out a way to game the system.

Google did not respond to a request for comment.

NSS Labs also tested three leading browsers from China. The Liebao Browser, developed by anti-virus vendor Kingsoft, came in second behind IE with a block rate of 85.1%.

Liebao does not use application reputation technology. Instead, Kingsoft depends on its cloud-based malware detection system to scan all downloads.

Liebao surpassing Chrome is unexpected because most browser makers have turned toward application reputation, also called content-agnostic malware protection (CAMP), because it is believed to be the most effective.

Kingsoft's approach uses URL filtering with cloud-based file scanning, which Abrams found "very interesting."

"I thought application reputation was going to be the predominant technology for protection, and it really is a surprise to see this cloud-based file scanning perform so well," he said.

As of last month, IE held nearly 58% of the browser market, with Firefox and Chrome each with slightly more than 17%, according to Net Applications.

Don't miss...


18 hot IT certifications for 2014

6 IT hiring tips to weed out the duds

The helpful, handy, FREE programs your new PC needs

  Sign me up for ITworld's FREE daily newsletter!
Email: 
 


Originally published on InfoWorld |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question