Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How are percentage of infected home PCs calculated?


  • Please log in to reply
3 replies to this topic

#1 GoshenBleeping

GoshenBleeping

  • Members
  • 269 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 06 October 2012 - 09:09 AM

There are numerous articles on the web that talk about the percentage of home PCs that are infected with malware. Question -- what kind of tests are executed to calculate these percentages? Can the numbers quoted be close to accurate?

BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,784 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:47 PM

Posted 06 October 2012 - 09:34 AM

Hi GoshenBleeping,

it always depends on what and where you read this. If you are an anti virus provider, you know how many license you have sold and you may also know (if the users agree to this) how many users had a detection in the last months/year. So they can probably give fairly accurate numbers.
Online scanners are a great source of data too: How many PCs were scanned vs how many were found to be infected, these kind of things can be used.

If you are an ISP, you will be analysing traffic to block malicious traffic (spam, botnets, etc), you should be able to get some data on how many of those IPs you have are communicating with malware servers and can thereby estimate how many of the IPs you are managing are infected. This again will give you a good estimate.

Security researchers will usually pretend to be the server of a specific malware and can then see how many people connect to their server to get orders and can, if they know how many such servers exist in total, make a good approximation on how many people are infected by the specific malware.

There's probably more ways, that I don't know about, too. The estimates will always be estimates, it's hard to say how accurate they are. These things vary strongly regionally and depending on what you qualify as "malware". A good article will quote its source and explain what data was used.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

animinionsmalltext.gif

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,954 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:47 PM

Posted 06 October 2012 - 11:23 PM

Anti-virus vendors collect tons of data in regards to malware and produce reports. This article includes a link for Panda's Quarterly report for which they analyzed IT security events and incidents around the world from April through June.

Panda's Collective Intelligence servers have analyzed 258.279.701 viruses and known goodware. Panda Cloud Antivirus connects to Collective Intelligence in real time. On this page you can see the new viruses that are being analyzed in real-time by Collective Intelligence as well as the viruses that Panda Cloud Antivirus is most frequently detecting on users' computers.

Panda Collective Intelligence Monitor: Virus activity recorded by Panda Security’s Collective Intelligence servers

There are tons of stats and information provided by anti-virus vendor threat assessments.

Malware Threat Meters:
Latest Malware Threats:
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,735 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:47 PM

Posted 08 October 2012 - 06:34 AM

The Malicious Software Removal Tool provides Microsoft with data for a huge amount of Windows machines.

MSRT is downloaded and executed each month via Windows Update. It is not a complete AV scanner.
It is limited in the malware it detects. This is by design. Microsoft makes a trade-off between the time it takes to scan a machine and and the amount of scanning that can be done.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users