Symantec seeks to patent technology for spotting malicious torrents

In most people’s minds, the concept of torrents is generally associated with pirated content. Despite this, everyone should know that BitTorrent is a file transfer / sharing protocol that can be used for legal as well as for illegal activities.

The proliferation and popularity of torrent sites has not passed unnoticed by cyber crooks, who consider them a great way to distribute malware and lead users to scams.

“Every day thousands of ‘fake’ torrents are uploaded from malicious sources, often labeled with the names of popular movies or TV shows,” TorrentFreak points out. “Needless to say, those who download these torrents don’t get what they were looking for.”

It’s impossible to tell whether a torrent is malicious or not just by looking at the name of the file, but Symantec believes they have a good solution for spotting the bad apples.

The solution, for which the company has filed a patent, relies on reputation information associated with the peers, the tracker, the original uploader, etc. The technology is set on identifying at least one entity involved in the torrent transaction (hopefully more), and on analysing its (their) trustworthiness.

Based on this evaluation, the solution determines whether the torrent file poses a risk to the user, and allows the user to chose what to do with that information, i.e. what “security action” to take.

“Examples of such security actions include, without limitation, alerting a user of the potential security risk, blocking access to the target file until overridden by the user, blocking network traffic associated with the torrent transaction, quarantining the target file, and/or deleting the target file,” the company explained in the patent application.

I doubt that the system is foolproof, but it does seem that it can help alleviate the problem of malicious torrents.