CIMA and FP(s)

Since CIS uplauds every (new) unknown files to CIMA after autosandboxing there are MANY FP(s) done by it.
See FP reporting many of them come from CIMA (i.e Heur.Susp or UnclassifiedMal…)
Just why Comodo does not want to use valkyrie instead of CIMA (note that valk also use it from dynamic part).

faster scanning (as mostly is static)
don’t need to wait about 5/15 min (just takes ~10/15 sec for scanning)
LESS LESS AND LESS FP(s). I uplauded +5000 files since it has been started (about 2 yrs ago) and so far I had only 2 FP ! 1 was KingSoft AV 2013 installer second one is new ver of gmer.
I’m quite sure Comodo will integrate it one day but it would be good to have an approximate date.
I know it’s still under dev but more than 1 year ago Melih said several times that integration with FLS was being processed …

As you mentioned Valkyrie also has CIMA in the form of Dynamic Detection & CIMA gives many FPs & can be checked in the FP thread.

So you mean Static Detection & Advanced Heuristics are good, takes lesser time & would be good if they are implemented in the upcoming Valkyrie Cloud excluding CIMA i.e Dynamic Detection, am I right?

Excluding CIMA ? Well … I don’t know but atm valkyrie works perfectly well even with CIMA.

But Valkyrie also has CIMA so how FPs will be reduced?

I guess Valkyrie’s result is some kind of balanced result based on the detection of all the 3, Static, Dynamic & Advanced Heur, right?

Have you noticed if Static & Advanced doesn’t detects anything but Dynamic detects suspicious, whats Valkyrie’s result?

The GMER FP you mentioned in the first post, Valkyrie result for GMER is…

Static - 1 scanner found malware, 1 scanner found normal & others unknown

Dynamic - Suspicious+

Advanced Heur - All the 3 scanners unknown

Valkyire final result - Malware

I guess Valkyrie final result would be normal if Dynamic Detection was not there. I think Dynamic Detection plays more important part than the other 2 in Valkyrie result deciding factor. So how FPs will be reduced with Valkyire? All this is just a guess.

I had many cases like : Static : normal CIMA : suspicious + AdvancedHeur : Unknown and file was either Normal or unknown, I saw only 2/3 times something rated as “suspicious” (only detected by CIMA).

and one more

i agree spywar valkyrie will make a huge impact on CAV, it will greatly increase detection and dramatically reduce FPs. Im sure they will use it in unison with CIMA to create signatures but who knows when. I still see a lot of work being done to valkyrie so im sure they are preparing it.

Valkyrie uses a weighted system to determine a final result. Each detection AI will have a different weight in determining the Final result, same with the adv heur.

In my testing the dynamic detection (CIMA) has a very low weight in the result which is a good thing since it gives so many FPs. The AI and adv heur. combination is extremely accurate, atleast in my testings over the past year.

Yes, this is good.