实施这些技术的难度有多大?
这些技术正在应用于现代反病毒软件中吗?
检测多态病毒和变形病毒的技术?[已关闭]
原标题:
最佳回答
I thought most of the virus scanners nowadays use sandbox techniques to check for "bad" behavior. Therefore the polymorphic virusses will also be detected.
of course these detection techniques are also known to virus creators, and can easily be bypassed using a bunch of random, unharmfull, code executions before the actual payload.
问题回答
不可能检测到所有已知的poly/metamoric坏代码。白名单验证是唯一可证明的技术。这并不总是可行的,尤其是如果你的基础设施/计算机没有得到很好的维护。这就是为什么签名、启发式、基于仿真的检测仍然有价值的一个很好的原因。
相关问题
热门标签
- winforms
- combobox
- fogbugz
- java
- date
- internationalization
- asp.net
- iis
- url-rewriting
- urlrewriter
- c#
- enums
- ocaml
- haxe
- algorithm
- string
- viewstate
- .net
- c++
- c
- symbol-table
- mysql
- database
- postgresql
- licensing
- migration
- vb.net
- vb6
- declaration
- vb6-migration
- python
- psycopg2
- backup
- vmware
- virtualization
- gnu-screen
- authentication
- desktop
- excel
- xll
- cultureinfo
- regioninfo
- oracle
- client
- session
- download
- html
- virtual
- constructor
- scenarios
- perl
- full-text-search
- javascript
- ajax
- testing
- oop
- inheritance
- vim
- encapsulation
- information-hiding