
Malware Research Group: Flash Test 5/18/2011 - Exploits


And I managed to find the methodology in a few seconds:


The Methodology:


The purpose of MRG flash tests is to assess how security applications react to zero day - early life threats. In our experience, the vast majority of ITW infections are caused by malware less than a week old, even though these make up a small proportion of the total population.


In these tests we will be using samples taken directly from live URLs. All samples are analysed in our labs to determine their type and confirm their malicious nature.


We have created a simple methodology to emulate how these zero day threats could infect a system in the real world.


The samples are downloaded from their native URLs via Internet Explorer to test systems with active security software installed. The Security applications will have up to four chances of passing the test by achieving any one of the following:


1) Detecting the sample upon download


2) Detecting the sample downloaded to the desktop during an on demand scan


3) Detecting and blocking execution of the sample on the desktop


4) In the case of financial malware, preventing data breach by any active sample.


All tests are conducted on a clean Windows 7 32 VM, with all updates applied.


All security applications are installed with default settings and the most recent build and signatures used in each test.
