signature analysis;
analysis based on comparing the hash values of an object being analyzed and the hash values of objects known to be harmful;
analysis of an object on the basis of a journal of events including the events occurring during the emulation of the object's code;
analysis of an object with the use of a “sandbox”, based on an analysis of the execution of the object in a restricted environment;
analysis of system events during the execution of an object's code by comparing them with events characteristic of harmful behavior, such as creating an entry in the “autostart” folder without the user's knowledge;
analysis with the aid of an expert evaluation, which involves a multilateral evaluation of the parameters as a whole (both direct evaluation of an object and evaluation of its behavior, e.g., analysis of its actions during its execution);
monitoring of applications with the aid of predetermined rules including search terms for forbidden actions and criteria for their restriction, for example, blocking the working of the application.
In different aspects, the checking module 250 and the analysis module 270 may include some or all of the above-enumerated methods of antivirus checking. The list of check methods in modules 250 and 270 depends on the original setup of these modules, and that setup is based on an analysis of the functionality of each VM 150 and of the entire host machine 110. For example, if it was determined while installing an antivirus agent 220 on a VM 150 that this VM 150 does not have access to the external network 190, it does not make sense to provide functionality that includes methods for monitoring and analysis of network traffic to the antivirus agent 170 residing on this VM 150.
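The system-event method in the list above (comparing execution events with events characteristic of harmful behavior, such as a silent "autostart" entry) can be sketched as follows. This is an added example, not code from the source document; the event fields, the `user_initiated` flag, the Windows Startup path marker and the sample journal are assumptions constructed for illustration.

```python
import ntpath
from collections import defaultdict
from dataclasses import dataclass

# Assumed marker for the Windows "Startup" (autostart) folder, per-user or all-users.
AUTOSTART_MARKER = "\\start menu\\programs\\startup\\"
WRITE_ACTIONS = ("file_create", "file_write")

@dataclass(frozen=True)
class Event:
    pid: int
    action: str           # e.g. "file_create", "file_write", "net_connect"
    target: str           # file path or network address
    user_initiated: bool  # assumed field: event traced to an interactive user action

def is_silent_autostart(ev: Event) -> bool:
    """True if the event writes into the autostart folder without user involvement."""
    if ev.action not in WRITE_ACTIONS or ev.user_initiated:
        return False
    # Normalize separators, ".." segments and case before matching,
    # so path tricks do not hide the real destination.
    path = ntpath.normpath(ev.target).lower()
    return AUTOSTART_MARKER in path

def analyze(journal):
    """Group matching events by process id: {pid: [normalized target paths]}."""
    findings = defaultdict(list)
    for ev in journal:
        if is_silent_autostart(ev):
            findings[ev.pid].append(ntpath.normpath(ev.target))
    return dict(findings)

# Constructed sample journal (not real telemetry).
STARTUP = r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
JOURNAL = [
    Event(4120, "file_create", STARTUP + r"\updater.lnk", False),  # silent: flagged
    Event(2200, "file_create", STARTUP + r"\notes.lnk", True),     # user action: ignored
    Event(4120, "net_connect", "192.0.2.10:443", False),           # not a file write
    Event(5310, "file_write",                                      # obfuscated path: flagged
          "C:/ProgramData/Microsoft/Windows/Temp/../Start Menu/Programs/StartUp/svc.lnk", False),
    Event(5310, "file_create", r"C:\Users\alice\Documents\Startup\plan.txt", False),
]

if __name__ == "__main__":
    for pid, paths in analyze(JOURNAL).items():
        print(pid, paths)
```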