【51CTO.com綜合報(bào)道】

目錄

1)測(cè)試產(chǎn)品和測(cè)試環(huán)境

2)詳細(xì)測(cè)試數(shù)據(jù)

3)免責(zé)聲明

一、測(cè)試產(chǎn)品和測(cè)試環(huán)境

1、本次0day惡意軟件時(shí)間積累測(cè)試在卡巴斯基反病毒軟件2012（12.0.0.374）版本、360殺毒2.0.0.2061版本、金山毒霸2012（獵豹）SP1.0.100100版本、QQ電腦管家6.0.1840.203版本、百銳啟發(fā)式引擎BDV1.6五款反病毒軟件之間進(jìn)行。

2、本次針對(duì)電子商務(wù)的0day惡意軟件檢測(cè)率測(cè)試在KAV 9.0.0.736版本，360sd2.0.0.2052版本、金山毒霸2011 SP7.2版本、QQ電腦管家5.0.1415.205版本，百銳啟發(fā)式引擎BDV1.6版本五款反病毒軟件之間進(jìn)行。

2、統(tǒng)一測(cè)試環(huán)境

Windows XPsp3

二、詳細(xì)測(cè)試數(shù)據(jù)

1、測(cè)試簡(jiǎn)介及最新亮點(diǎn)

本報(bào)告所述的0day病毒，是指發(fā)布時(shí)間不足一天的惡意軟件或者由0day漏洞引入的惡意軟件。由于這類惡意軟件在發(fā)布初期還未被主流反病毒軟件所識(shí)別，反病毒軟件公司捕獲病毒樣本并通過分析加入病毒庫需要一定時(shí)間，而這段時(shí)間內(nèi)惡意軟件傳播性極強(qiáng)、危害極大。

本次測(cè)試首次使用0day惡意軟件樣本集，并引入了時(shí)間積累測(cè)試概念，通過此測(cè)試可以反映出待測(cè)軟件對(duì)新病毒的響應(yīng)時(shí)間。

當(dāng)前電子商務(wù)行業(yè)發(fā)展迅速，隨之而來的是針對(duì)電子商務(wù)的惡意軟件曾爆發(fā)式增長(zhǎng)，給用戶帶來了巨大的經(jīng)濟(jì)損失。本次測(cè)試重點(diǎn)關(guān)注了反病毒軟件對(duì)此類惡意軟件的防護(hù)能力。

2、0day惡意軟件時(shí)間積累測(cè)試

PCSL選用同一批0day惡意軟件樣本集（768個(gè)），使用待測(cè)軟件進(jìn)行多次掃描測(cè)試（安全軟件開啟云查殺功能，每次掃描前均升級(jí)到最新病毒庫）。即，對(duì)該批病毒樣本在捕獲后立即進(jìn)行第一次掃描測(cè)試，1小時(shí)之后進(jìn)行第二次掃描測(cè)試，24小時(shí)之后進(jìn)行第三次掃描測(cè)試，2天之后進(jìn)行第四次掃描測(cè)試，3天之后進(jìn)行第五次掃描測(cè)試，4天后進(jìn)行第六次掃描測(cè)試。每次掃描測(cè)試，待測(cè)軟件識(shí)別的惡意軟件個(gè)數(shù)與惡意軟件樣本集總數(shù)的比值即為測(cè)試成績(jī)。所有待測(cè)軟件的測(cè)試成績(jī)統(tǒng)計(jì)如下表所示：

3、針對(duì)電子商務(wù)的0day惡意軟件檢測(cè)率

注：選用針對(duì)電子商務(wù)的最新惡意軟件樣本集

三、免責(zé)聲明

關(guān)于PCSL

PCSL是國內(nèi)唯一從事反惡意軟件測(cè)試的第三方獨(dú)立機(jī)構(gòu)，也是國際反惡意軟件測(cè)試標(biāo)準(zhǔn)組織AMTSO、亞洲反病毒研究者協(xié)會(huì)AVAR的獨(dú)立會(huì)員和IEEE Malware Working Gourp的獨(dú)立觀察員。AMTSO著名成員包括：Vi rus Bul let in(VB100)、av-comparat ives、avtest、West Coast Labs(西海岸實(shí)驗(yàn)室)、NSS Lab等權(quán)威機(jī)構(gòu)與安全廠商。PCSL遠(yuǎn)景是立足中國，通過不斷地創(chuàng)新和改良測(cè)試體系，模擬最貼近用戶日常使用的計(jì)算機(jī)環(huán)境，提供可信并具備參考價(jià)值的測(cè)試報(bào)告。

免責(zé)聲明

It is not permitted to extract parts from our test results and transfer them into your own tests or to use the final data without written permission from PC Security Labs. We cannot be held liable for any damage or loss, which might result from the use of information provided on our website or in our test reports. We do our best to ensure the correctness of test results, but we do not at any time provide a guaranty for the correctness or completeness of the information published on our website or in our test reports. You are allowed to download, view, print and copy the material from our site to the hard disk of your computer and use it in good faith only for your personal, non-commercial purpose as information resource. It is forbidden to transmit or re-circulate any material obtained from PC Security Labs (including from any email delivered by PC Security Labs) to any third party without our prior written consent. We focus on computer security and we do our best to try and protect PC security. All samples are gathered from the Internet. All our research is undertaken in a secure environment and to prevent any manipulation, we remove all extensions of a sample.  Any commercial organization that wishes to cite findings contained in the report should contact Jeffrey on his email address (jeffrey@pcsecuritylabs.net). Any antivirus vendor may use our monthly or annual testing award logo free of charge on the Internet, on marketing material and on product packaging. For more detailed information about the annual certification, please contact Jeffrey Wu via email: jeffrey@pcsecuritylabs.net. We reserve the right of withdrawing the license of monthly award and annual certification in case of improper use by an antivirus vendor.