Norton AntiBot

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Norton Antibot
Developer(s) Symantec Corporation
Discontinued 1.1.851
Development status Discontinued
Operating system Microsoft Windows XP / Windows Vista
Platform Microsoft Windows
Size 12.9 MiB
Available in English
Type Antivirus software (Proactive defense / Heuristics)
License Proprietary commercial software
System Requirements
CPU

Windows XP: 600 MHz

Windows Vista: 1 GHz
Memory

Windows XP: 256 MB

Windows Vista: 1 GB
Hard Drive Space 50 MB
Other CD-ROM/DVD-ROM drive or an Internet connection

Norton AntiBot, developed by Symantec, monitors applications for damaging behavior. The application was designed to prevent computers from being hijacked and controlled by hackers. According to Symantec, over 6 million computers have been hijacked, and the majority of users are unaware of their computers being hacked.

AntiBot was designed to be used in conjunction with other antivirus software. Unlike traditional antivirus products, AntiBot does not use signatures; there is a delay between when a vendor discovers a virus and distributes the signature. During the delay, computers can be affected. Instead, AntiBot attempts to identify a virus through its actions; viruses are malicious by nature. However, AntiBot was not intended to replace an antivirus product. The program uses technology licensed from Sana Security.

The product has been discontinued after AVG acquired Sana Security in January 2009, developing a standalone program similar to AntiBot called AVG Identity protection, which was also discontinued and integrated in AVG Internet Security 2011. Product updates and technical support were available from Symantec for one year after a customer's last purchase or renewal.[1]

History[edit]

Ed Kim, director of product management at Symantec, highlighted the rise of botnets. A botnet is a collection of compromised computers, known as bots, which hackers usually control for malicious purposes. Two main uses of botnets include identity theft and e-mail spam.[2] Kim cited a 29 percent increase of bots from the first half of 2006 to the second half. In all, there were six million active bots by the end of 2006.[3]

On 7 June 2007, Symantec released a beta version of Norton AntiBot.[4] AntiBot was designed to supplement a user's existing antivirus software. Unlike traditional antivirus software, AntiBot does not use signatures to identify malware. Instead, it monitors running applications for damaging or malicious behavior, licensing technology from Sana Security.

AntiBot can also supplement SONAR technology by Symantec, found in Norton AntiVirus 2007, Norton Internet Security 2007, and Norton 360. Similar to AntiBot, SONAR monitors for malicious behavior. However, SONAR does not run continuously in the background; only during a virus scan in those specific products.[5]

AntiBot was made available to the general public on 17 July 2007. On 16 January 2009, AVG announced their plans to acquire Sana Security were finalized. J.R. Smith, CEO of AVG Technologies, highlighted the 40,000 unique malware samples their analysts see each day. He noted the time frame between when a sample is analyzed and a signature is created, emphasizing the need for "instant protection", since hackers are constantly modifying their malicious software to evade signature detection. Often, there are several strains, or variations, of one virus, each with a different classification and signature.[6][7] Symantec confirmed ceasing sales and distribution of Norton AntiBot in early 2009. Product help and updates would still be available for one year following a customer's last purchase or renewal.[8]

Reception[edit]

PC Magazine noted AntiBot's above average ability to identify malicious programs based on behavior and the fact it did not mistakenly mark a legitimate program as malicious during testing. However, on some infected systems AntiBot failed to install or caused blue screens because it failed to completely remove a virus.[9]

A technical limitation is AntiBot cannot detect inactive malware since there is no behavior for the software to monitor.[10]

References[edit]

  1. ^ "Norton AntiBot Upgrades & Renewals". Symantec Corporation. Retrieved 5 April 2009. 
  2. ^ "Symantec Arms Consumers Against PC Hijackers with Norton AntiBot". WebWire. 20 July 2007. Retrieved 5 April 2009. 
  3. ^ Sharon Gaudin (8 June 2007). "Symantec Moves Anti-Botnet Weapon Into Public Test". United Business Media LLC. Retrieved 5 April 2009. 
  4. ^ Robert Vamosi (7 June 2007). "Norton AntiBot goes into public beta". CNET. Retrieved 5 April 2009. 
  5. ^ Erik Larkin (8 June 2007). "Symantec releases beta of Norton AntiBot software". IDG Communications. Retrieved 5 April 2009. 
  6. ^ Neil J. Rubenking (13 January 2009). "AVG Buys Sana's Behavior-Based Security Tech". PC Magazine. Retrieved 5 April 2009. 
  7. ^ David Meyer (13 January 2009). "AVG Technologies buys Sana Security". CBS Interactive Inc. Retrieved 5 April 2009. 
  8. ^ Stefanie Hoffman (13 January 2009). "AVG Acquires Sana Security, Adds ID Protection". 09 United Business Media LLC. Retrieved 5 April 2009. 
  9. ^ Neil J. Rubenking (9 August 2007). "Norton AntiBot". PC Magazine. Retrieved 7 April 2009. 
  10. ^ Erik Larkin (7 June 2007). "Symantec Releases Beta of Norton AntiBot". PCWorld. Retrieved 5 April 2009.