Netinfo Security, 2016, Vol. 16, Issue (9): 113-117. doi: 10.3969/j.issn.1671-1122.2016.09.023


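Research on Test Evaluation System of Anti-malware Products and Service

Jian ZHANG¹, Wenxu WANG¹, Pengfei NIU¹, Zhaojun GU²

  1. School of Computer and Communication Engineering, Tianjin University of Technology, Tianjin 300384, China
  2. Information Security Evaluation Center of Civil Aviation, Civil Aviation University of China, Tianjin 300300, China
  • Received: 2016-07-25 Online: 2016-09-20 Published: 2020-05-13
  • About the authors:

    Jian ZHANG (born 1968), male, from Tianjin, professor-level senior engineer, Ph.D.; main research interests: information network security and malware prevention. Wenxu WANG (born 1992), male, from Henan, master's student; main research interest: information security. Pengfei NIU (born 1992), male, from Shanxi, master's student; main research interest: information security. Zhaojun GU (born 1966), male, from Shandong, professor, Ph.D.; main research interests: network and information security, search engines, and civil aviation information systems.

  • Funding:
    National Key Research and Development Program of China [2016YFB0800805]; Tianjin Science and Technology Service Industry Major Science and Technology Project [16ZXFWGX00140]; Open Fund Project of the Information Security Evaluation Center of Civil Aviation, Civil Aviation University of China [CAAC-ISECCA-201501]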

Abstract:

To evaluate security vendors' anti-malware technologies and products objectively and scientifically, international anti-virus testing organizations have continually studied and improved their testing standards and methods, gradually moving from static testing to dynamic, real-time testing. However, security vendors and testing organizations have long disagreed, which has repeatedly led to disputes and has also constrained the internationalization of China's information security products. To realize the strategy of building a strong Internet nation, the construction of Chinese standards and Chinese evaluation urgently needs to be accelerated. This paper studies the testing standards and methods of the major foreign anti-malware product testing organizations and analyzes how current evaluation standards fail to match both the Internet security threats that users face and rapidly developing anti-malware technology. It proposes an approach to building an evaluation system for anti-malware products and services that is based on an Internet online testing environment, uses real security threat cases, adopts a continuous cumulative testing mode, carries out performance and false-positive testing in parallel, and implements horizontal comparison testing. It also analyzes the key problems that must be solved in building the evaluation system.

Key words: malware, real-time test, evaluation system, testing standards

CLC number: