Since CIS uplauds every (new) unknown files to CIMA after autosandboxing there are MANY FP(s) done by it.
See FP reporting many of them come from CIMA (i.e Heur.Susp or UnclassifiedMal…)
Just why Comodo does not want to use valkyrie instead of CIMA (note that valk also use it from dynamic part).
faster scanning (as mostly is static)
don’t need to wait about 5/15 min (just takes ~10/15 sec for scanning)
LESS LESS AND LESS FP(s). I uplauded +5000 files since it has been started (about 2 yrs ago) and so far I had only 2 FP ! 1 was KingSoft AV 2013 installer second one is new ver of gmer.
I’m quite sure Comodo will integrate it one day but it would be good to have an approximate date.
I know it’s still under dev but more than 1 year ago Melih said several times that integration with FLS was being processed …
The GMER FP you mentioned in the first post, Valkyrie result for GMER is…
Static - 1 scanner found malware, 1 scanner found normal & others unknown
Dynamic - Suspicious+
Advanced Heur - All the 3 scanners unknown
Valkyire final result - Malware
I guess Valkyrie final result would be normal if Dynamic Detection was not there. I think Dynamic Detection plays more important part than the other 2 in Valkyrie result deciding factor. So how FPs will be reduced with Valkyire? All this is just a guess.
i agree spywar valkyrie will make a huge impact on CAV, it will greatly increase detection and dramatically reduce FPs. Im sure they will use it in unison with CIMA to create signatures but who knows when. I still see a lot of work being done to valkyrie so im sure they are preparing it.
Valkyrie uses a weighted system to determine a final result. Each detection AI will have a different weight in determining the Final result, same with the adv heur.
In my testing the dynamic detection (CIMA) has a very low weight in the result which is a good thing since it gives so many FPs. The AI and adv heur. combination is extremely accurate, atleast in my testings over the past year.