【51CTO.com綜合報道】

目錄

1)測試產(chǎn)品和測試環(huán)境

2)詳細測試數(shù)據(jù)

3)免責聲明

一、測試產(chǎn)品和測試環(huán)境

1、本次0day惡意軟件時間積累測試在卡巴斯基反病毒軟件2012（12.0.0.374）版本、360殺毒2.0.0.2061版本、金山毒霸2012（獵豹）SP1.0.100100版本、QQ電腦管家6.0.1840.203版本、百銳啟發(fā)式引擎BDV1.6五款反病毒軟件之間進行。

2、本次針對電子商務(wù)的0day惡意軟件檢測率測試在KAV 9.0.0.736版本，360sd2.0.0.2052版本、金山毒霸2011 SP7.2版本、QQ電腦管家5.0.1415.205版本，百銳啟發(fā)式引擎BDV1.6版本五款反病毒軟件之間進行。

2、統(tǒng)一測試環(huán)境

Windows XPsp3

二、詳細測試數(shù)據(jù)

1、測試簡介及最新亮點

本報告所述的0day病毒，是指發(fā)布時間不足一天的惡意軟件或者由0day漏洞引入的惡意軟件。由于這類惡意軟件在發(fā)布初期還未被主流反病毒軟件所識別，反病毒軟件公司捕獲病毒樣本并通過分析加入病毒庫需要一定時間，而這段時間內(nèi)惡意軟件傳播性極強、危害極大。

本次測試首次使用0day惡意軟件樣本集，并引入了時間積累測試概念，通過此測試可以反映出待測軟件對新病毒的響應(yīng)時間。

當前電子商務(wù)行業(yè)發(fā)展迅速，隨之而來的是針對電子商務(wù)的惡意軟件曾爆發(fā)式增長，給用戶帶來了巨大的經(jīng)濟損失。本次測試重點關(guān)注了反病毒軟件對此類惡意軟件的防護能力。

2、0day惡意軟件時間積累測試

PCSL選用同一批0day惡意軟件樣本集（768個），使用待測軟件進行多次掃描測試（安全軟件開啟云查殺功能，每次掃描前均升級到最新病毒庫）。即，對該批病毒樣本在捕獲后立即進行第一次掃描測試，1小時之后進行第二次掃描測試，24小時之后進行第三次掃描測試，2天之后進行第四次掃描測試，3天之后進行第五次掃描測試，4天后進行第六次掃描測試。每次掃描測試，待測軟件識別的惡意軟件個數(shù)與惡意軟件樣本集總數(shù)的比值即為測試成績。所有待測軟件的測試成績統(tǒng)計如下表所示：

3、針對電子商務(wù)的0day惡意軟件檢測率

注：選用針對電子商務(wù)的最新惡意軟件樣本集

三、免責聲明

關(guān)于PCSL

PCSL是國內(nèi)唯一從事反惡意軟件測試的第三方獨立機構(gòu)，也是國際反惡意軟件測試標準組織AMTSO、亞洲反病毒研究者協(xié)會AVAR的獨立會員和IEEE Malware Working Gourp的獨立觀察員。AMTSO著名成員包括：Vi rus Bul let in(VB100)、av-comparat ives、avtest、West Coast Labs(西海岸實驗室)、NSS Lab等權(quán)威機構(gòu)與安全廠商。PCSL遠景是立足中國，通過不斷地創(chuàng)新和改良測試體系，模擬最貼近用戶日常使用的計算機環(huán)境，提供可信并具備參考價值的測試報告。

免責聲明

It is not permitted to extract parts from our test results and transfer them into your own tests or to use the final data without written permission from PC Security Labs. We cannot be held liable for any damage or loss, which might result from the use of information provided on our website or in our test reports. We do our best to ensure the correctness of test results, but we do not at any time provide a guaranty for the correctness or completeness of the information published on our website or in our test reports. You are allowed to download, view, print and copy the material from our site to the hard disk of your computer and use it in good faith only for your personal, non-commercial purpose as information resource. It is forbidden to transmit or re-circulate any material obtained from PC Security Labs (including from any email delivered by PC Security Labs) to any third party without our prior written consent. We focus on computer security and we do our best to try and protect PC security. All samples are gathered from the Internet. All our research is undertaken in a secure environment and to prevent any manipulation, we remove all extensions of a sample.  Any commercial organization that wishes to cite findings contained in the report should contact Jeffrey on his email address (jeffrey@pcsecuritylabs.net). Any antivirus vendor may use our monthly or annual testing award logo free of charge on the Internet, on marketing material and on product packaging. For more detailed information about the annual certification, please contact Jeffrey Wu via email: jeffrey@pcsecuritylabs.net. We reserve the right of withdrawing the license of monthly award and annual certification in case of improper use by an antivirus vendor.