¦p¦óµû¦ô¨¾¬r³nÅé-Å¥¤j®a»¡ ¤£¦pÅ¥±M®a»¡ |
|
¤@¯ë¤H¦p¦ó§P©w¨¾¬r³nÅ骺Àu¦H?©¹©¹¦³¿ù»~ªº»{ª¾ |
|
¤@¯ë¤H¤ñ¸û¨¾¬r³nÅéÀu¦Hªº¤è¦¡¡A©¹©¹´N¬O®³§Oªº¨¾¬r³nÅé¨Ó±½´y²{¦³ªº¹q¸£¨t²Î¡A¦pªGµo²{¤@³s¦ê°»´ú¨ì¯f¬rªºÁnµ(¹ê»Ú¤W즳ªº¨¾¬r³nÅé´N¦³¯à¤O§â¤@¨Ç¯f¬r¹jÂ÷¨ì¯S©wªº¥Ø¿ý¡A©¹©¹Å¥¨ì³sÄò¤£Â_ªº°»´úÁnµ¡A¬Oè¦n±½´y¨ì³oÓ¤w¹jÂ÷ªº¸U¬r¶ï)¡A´N·|ı±o¥Ø«e¨Ï¥Î¤¤ªº¨¾¬r³nÅé¤ñ¸û®t¡A¦Ó¤@¨Ç¨¾¬r³nÅé¤]¯S§O¥[±j°»´ú¨ì¯f¬rªºµ®Ä¥HÅý¤@¯ë¨Ï¥ÎªÌı±o¥¦ªº®ÄªG«Ü¦n¡C
¹ê»Ú¤W¡A¤@¯ëªº¨¾¬r³nÅé¥u¯àºÙ¬°±þ¬r³n¥ó-¬d±þ¤w¸g·P¬V¯f¬rªºÀÉ®×/¨t²Î¡A¨Ã¨S¦³§¹¥þ¨¾¤î¤¤¬rªº¥\¯à¡A¥u¦³¯f¬r¹Á¸Õn¼g¤J¨t²Î©Î¤w¸g·P¬V®É¤~°»´ú±o¨ì¡A¦ý©¹©¹¬°®É¤w±ß¡C |
|
|
|
±M®a¦p¦ó§P©w¨¾¬r³nÅ骺Àu¦H? |
|
±M®aµû¦ô¨¾¬r³nÅé(±þ¬r³n¥ó)ªºÀu¦H¡A¤j·§±q¥H¤U´XÓ±¦V¨Ó±´°Q¡A¥Ñ©ó¨Ï¥ÎªÌ¹ï¨¾¬r³nÅ骺n¨D«ÂI¤£¤@(¦³¤H°í«ù®æ±þ¤Å½×¡A¹ç¥i¿ù±þ¤@¦Ê¤]¤£n¿ù©ñ¸U¤@¡A¦³¤H«h¬O¤u§@Àu¥ý¡A§Y¨Ï¹q¸£¦³¬r¤]n¥ý§â¤u§@§¹¦¨¦A¨Ó³B²z¯f¬r°ÝÃD)¡A©Ò¥H¨Ã¨S¦³¤@Óµ´¹ï¦n©Îµ´¹ï¤£¦nªº²£«~¡C |
|
- ¤wª¾¯f¬rªº°»´ú¯à¤O:n¶V°ª¶V¦n¡C©Ò¿×ªº¤wª¾¯f¬r´N¬O¤w¦b¯u¹ê¥@¬É¬y«·P¬Vªº¯f¬r¡A´N¬OIn
the wild(ITW)ªº¯f¬r¡C³o¬O¥Ñwww.wildlist.org ³oÓ²Õ´©ÒºûÅ@ªº¤@Ó¤wª¾¯f¬rªº¸ê®Æ®w¡C´X¥G©Ò¦³ªº¨¾¬r¼t°Ó³£·|¥D°Ê¦^³ø·sµo²{ªº¯f¬r¼Ë¥»¡A¦Ó¤@¯ë¨Ï¥ÎªÌ¤]¥i¥H¦^³ø¡C¨¾¬r³nÅé(±þ¬r³n¥ó)¥²»Ý¯à¬d±þ³Ì¦hITWªº¯f¬r¡A³o¬O³Ì°ò¥»ªºn¨D¡C»PITW¬Û¹ïªº¬OIn
the Zoo-¬O¦s©ñ¦b¬ã¨s³æ¦ì¤ºªº¹êÅç©Ê½èªº¯f¬r¡A¨Ã¨S¦³¦b¥~¬y«¡C
- »~³ø²v(False Positive Rate): n¶V§C¶V¦n¡C»~³ø´N¬O±N¨S¦³°ÝÃDªºÀɮפ]±N¥¦§P©w¬°¯f¬r-µM«á±N¥¦§R°£/²M°£/¹jÂ÷/×´_¡A³o±`±`·|³y¦¨«D±`¤jªº·l¥¢¡C³\¦h¼Ðº]¯à¬d±þ³Ì¦h¯f¬rªº¨¾¬r³nÅé¡A©¹©¹¦³³oºØ°Æ§@¥Î¡C
- ¥¼ª¾¯f¬rªº°»´ú¯à¤O:¤]¬On¶V°ª¶V¦n¡C°£¤FITWªº¯f¬r®wªº¼Ë¥»¥~¡A¨ä¥¦ªº³£¬O¥¼ª¾«¬¯f¬r¡C³æ³æ2009¦~¤@¦~´N¦³730¸U°¦·sªº¯f¬rÅܺءA©Ò¥H¥¼ª¾¯f¬rªº°»´ú¯à¤O¦A«ç»ò±j³£ÁÙ¦³¿ò¯]¤§¾Ñ¡A»·Â÷¯f¬r¨Ó·½¬O¤@ºØ¦w¥þ¨Ï¥Î¹q¸£ªº´¼¼z¡A¦Ó¦P®É±Ä¨ú¥Î¤áºÝ-¥D¾÷ºÝ-¹h¹DºÝªº¦h¼h¦¸¨¾Å@¤]¬O¥²nªºÁa²`¨¾¿m¾÷¨î(defense-in-depth
)¡C
- ³q¹L²Ä¤T¤è¤½¥¿³æ¦ìªºÅçÃÒ:¥Ø«e³Ì±`³Q¤½»{¬°²Ä¤T¤è¤½¥¿³æ¦ìªº¨¾¬r²£«~ªºÅçÃÒ³æ¦ì¬°:
- Virus Bulletin-¯f¬r¤½³ø¡A¤]´N¬OVB100ªº»{ÃÒ³æ¦ì¡C¥¦ªº»{ÃÒ¾÷¨îÄYÂÔ¡C¥un³q¹L·í´ÁªºÅçÃÒ´N¯àÀò±oVB100ªºLogo¡A¦ý¨S¦³³q¹L¡A´N·|¥Ã»·¯d¤U°O¿ý¡A¨S¦³¸É¦Òªº¾÷¨î¡Cì¼tºô¯¸¬°
www.virusbtn.com¡A¤@¯ë¤H¤]¯à¥Ó½Ð¬°§K¶O·|û¡A´N¯à¦³«×ªº¦s¨ú¬ÛÃöªº¸ê·½¡CÁɪùÅK§J¬O·~¬É°ß¤@³sÄò44¦¸³q¹LVB100ªº³ÌÀu¨q¥Béw¥i¾aªº¼t°Ó¡C
- AV-comparatives-¯f¬r¤ñ¸û¡C¥¦ªº¤ñ¸û¤è¦¡¬O±N¦U®aªº¨¾¬r³nÅé¨Ì¾Ú
11.On-demand 2.Retrospective/Proactiveƒþ 3.Performance 4.Dynamic
5.Removal 6.Potentially Unwanted Applications (PUA) 7.False
Positive Rateµ¥´XӤ覡§@¤ñ¸û¡AµM«á§@¥X¤À¼Æ°ª§Cªº¦Cªí¡C¤jP¤À¬°:Advanced+(³Ì¨Î)¡BAdvanced(Àu¨q)¡Bstandard(¼Ð·Ç)¥H¤ÎTested(´ú¸Õ)µ¥¥|ӯżơCÁɪùÅK§J¬O³Ìªñ¤@¦~(2009)AV-comparativesªº¦~«×Á`«ax¡A¨Ã¥B±`ºAÀò±oAdvanced+(³Ì¨Î)ªºµû¤ñ¡C
- ¦è®ü©¤¸ÕÅç«Ç(West Coast Labs) ¬O Haymarket
Media Group ºX¤Uªº¤@Ó¹êÅç«Ç¡A¬°¸ê°T¦w¥þ²£«~»PªA°Èªº§Þ³N¬ã¨s¡B´ú¸Õ¥H¤Î Checkmark Certification
»{ÃÒªº¥þ²y»â¾É¾÷ºc¡CWest Coast Labs ¾Ö¦³¥«³õ»â¥ýªº§Þ³N¡A¨Ã¥B¦b^°ê¡B¬ü°ê¤Î¦L«×³£³]¦³³q¹L ISO17025
»{ÃÒªº´ú¸Õ³æ¦ì¡A¥þ²y»â¾É«~µP¼t°Ó¬Ò¨Ï¥Î¨äªA°È»P Checkmark Certification »{ÃÒ¨t²Î¨Ó³Ð³y¥«³õÀu¶Õ¡A¦Ó¤j«¬¥ø·~¤]ÂǦ¹¨t²Î¨ÓÀò±o¦³Ãö²£«~®Ä¯àªº«n§Þ³N«ü¼Ð¡CCheckMark
¹ï©ó¨¾¬r³nÅ骺»{ÃÒ¤À¬°Level¢¹¤ÎLevel¢º¨âºØ¡ALevel¢¹¥Nªí¯à°»´ú¨ì¯f¬r¡A¦ÓLevel¢º«h¬O¥²»Ý¯à§¹¾ã²M°£¯f¬r¡A¤£¯à¦³¥ô¦óªº°Æ§@¥Î¡CÁɪùÅK§J¦b³oÓµû¤ñ¤@ª½³£¬OÁZÀu¥Í¡C
- ICSA¬O°ê»Ú¹q¸£¦w¥þ¨ó·|ªºÂ²ºÙ(International
Computer Security Association)¡A«ùÄò¥H³Ì·sªº¼f®Ö¼Ð·Ç¡A¨Ó½T«O¹q¸£¨Ï¥ÎªÌ¸ê®Æ«O¦s»P¨t²Îªº¦w¥þ¡C2000¦~11¤ëICSA.net§ï¦W¬°TruSecure¡C°e´ú¨¾¬r²£«~Y¸g´ú¸Õ¥¢±Ñ¡A¥i¦A°e´ú¡A·~ªÌ¥²¶·¦b7¤Ñ¤º´£¥X¸Ñ¨M¤è®×¡A§_«h·|¥¢¥hICSA»{ÃÒ¸ê®æ¡CICSA¦¨¥ß¶W¹L20¦~¡Aºâ¬O·~¬Éªº¤¸¦Ñ¤½¥q¡CÁɪùÅK§J¦b³oÓµû¤ñ¤@ª½³£¬OÁZÀu¥Í¡C
|
|
¥H¤W¥|ºØ¬O¿ï¾Ü¨¾¬r³nÅé³Ì°ò¥»ªºn¨D¡A°£¦¹¤§¥~¡A±M®a¤]§â¥H¤U´XÂI¯S¦â¦C¬°¥²nªº°Ñ¦Ò·Ç«h: |
|
- ©ö©ó¦w¸Ë¾Þ§@:¨Ï¥Î¾Þ§@¬É±(GUI)n¤@¥Ø¤FµM¡A§Y¨Ï¤£¬Ý¾Þ§@¤â¥U¤]¯à»´©ö¤W¤â¡C¦w¸Ë®É³Ì¦n´N¤@ª½«ö¡y¤U¤@¨B¡z´N¦n¡A¤£»Ýn±M·~¤Hû¨ó§U¡C
- ¦Û°Ê§ó·sªº¥\¯à:³Ì¦n¨Ï¥ÎªÌ¤£»Ý¤¶¤J´N¯àÀH®É«O«ù³Ì·sªº¯f¬r©w¸qÀɤα½´y¤ÞÀºªº§ó·s¡C
- ¼vÅT¹q¸£ªº®Ä¯à¶V§C¶V¦n¡C
- °»´ú¨ì¥¼ª¾·s¯f¬r®É¡A³Ì¦n¯à¦Û°Ê«á°e¯f¬r¼Ë¥»µ¹ì¼t¡A¥H¥[§Ö¸ÑÃĪº»s§@´£¨Ñ¡C
|
|
¹ï©ó¦³¦h³¡¹q¸£©Î¼Æ¥H¸Upªº¤j«¬¥Î¤á¦Ó¨¥¡A¾A¥Î©ó²{¦³ITÀô¹Òªº¬Û®e©Ê¤ÎºÞ²z¥\¯à¡A§ó¬O²§±`«n¡A¦³Å²©ó¡y¬O§_¾A¦X¨Ï¥Î§K¶O¨¾¬r³nÅé¡zªºÄ³ÃD®É¦³³Q´£¤Î¡A¯÷¾ã²z´£¨Ñ¥H¤U¨â½g©å¨£¡AÂԨѰѦÒ: |
|
|
|
|
|
¥»²£«~§Ö³t¤ä´©/¸ê·½µ¡¤f: |
|
|
|
ÁɪùÅK§Jªº¨ä¥¦²Ä¤@¦W¸Ñ¨M¤è®×: |
|
|
|
|
|
|
|
|
|
 |
|
 |