AV Efficacy Rates Against Known Malware Can Be as Low as 34 Percent
Nyotron, provider of the industry’s first OS-Centric Positive Security solution to strengthen endpoint protection, published the results of its study of the efficacy of leading antivirus (AV) solutions against known malware, including samples that first appeared over 20 years ago, such as 2001’s infamous ILOVEYOU virus. The top findings: even for decades-old malware, detection rarely lives up to vendors’ claims of 99.9% efficacy, and the detection rate drops dramatically when a file is easily modified or when the product is not connected to the Internet.
Nyotron tested almost 60,000 known malware samples against AV products from three major vendors. The resulting report, “The Illusive 99.9%,” reveals:
- The average detection rate was only 95.6%, and dropped as low as 88%. The lowest-performing product missed 3,549 malware samples.
- Detection efficacy dropped dramatically with easy single-byte modification of the original virus, to as low as 60%.
- Offline detection efficacy fell as low as 34%.
“Today there are over one billion known viruses, with an additional million created every day, and that sheer volume renders modern AV tools ineffective even against decades-old, well-known malware,” said Nir Gaist, CTO, Nyotron. “If your entire protection stack is based on only chasing the bad, you will always remain vulnerable to both old and new viruses. Even if an AV product could deliver on its marketing collateral’s promise of 99.9 percent efficacy – and our research shows it rarely does – when you’re talking about billions of attacks, that’s still inadequate.”