千呼万唤始出来Dr.Web Security Space 12.0 Beta降临【2018年10月22日 正式版发布】

驭龙

今天来个猛料

Machine learning Method

Used to find and neutralize malicious objects that are not yet in the virus databases. The advantage of this method is the recognition of malicious code without execution, only on the basis of its characteristics.

Threat detection is based on the classification of malicious objects according to certain characteristics. With the help of machine learning technology based on the method of reference vectors, the classification and writing into the database of code fragments of scripting languages takes place. The scanned objects are then analyzed based on the characteristics of the malicious code. Machine learning Technology automates the updating of the list of traits data and the replenishment of virus databases. By connecting to the cloud service, processing large amounts of data is faster, and continuous system training provides preventative protection against the latest threats. In this case, the technology can function without permanent access to the cloud.

Machine learning method essentially saves the operating system resources, because it does not require execution of code to detect threats, and dynamic machine training classifier can be carried out without the constant updating of virus databases, which Used in signature analysis.

Cloud Threat Detection

Cloud discovery methods allow you to check any object (file, application, browser extension, etc.) by Hash. It is a unique sequence of numbers and letters of a given length. In hash analysis, objects are validated against an existing database and then classified into categories: clean, suspicious, malicious, etc.

This technology optimizes file scan time and saves device resources. Due to the fact that not analyzed the object itself, and its unique hash-sum, the decision is made almost instantly. If there is no connection to Dr. WEB servers, the files are scanned locally and the cloud scan resumes when the connection is restored.

Thus, Doctor web's cloud service collects information from numerous users and quickly updates data on previously unknown threats, thereby increasing the effectiveness of device protection.

pal家族

算是有点新意（问号）
别人家几年前的新意。

有些新变化还是值得高兴。12beta在我这里确实比11.5流畅，卡exe有所缓解。不知道这次更新检测率有多大提升

驭龙

pal家族 发表于 2018-10-1 18:39
算是有点新意（问号）
别人家几年前的新意。

其实没意思，看看CTD的内容，好像还是扫描加速为主，而ML的话，不清楚，但是好像是也需要云，在这里WD都已经把这些玩烂了，人家现在都把经历放在别地方了，而蜘蛛才玩，就它的用户数量，它的CTD能怎样？未知数

Agu

感覺還是太跟風沒新意，除非Dr.Web能夠一開始就做得很出色...

EnZhSTReLniKoVa

驭龙 发表于 2018-10-1 19:03
其实没意思，看看CTD的内容，好像还是扫描加速为主，而ML的话，不清楚，但是好像是也需要云，在这里WD都 ...

WD  EMET整合到WD里。 本地云端算法。 秒级入库。 云杀都不想玩了。来来来 一起陪我玩沙箱。

aboringman

我来看看，希望这次有干货

驭龙

aboringman 发表于 2018-10-5 00:39
我来看看，希望这次有干货

你一定会失望的

kerlee

小厂想做云的结果就是花时间花钱效果还不一定好，还不如去好好做做自己有把握的技术了，比如多精进下引擎什么的

xique666

awa 期待12