行为检测模型可以专注于攻击者实际在做什么,而不是依靠一组可能过时的病毒特征库,或者无法及时反映攻击者踪迹的指标。
Behavioral detection models can focus in on what the attacker actually does, instead of relying on a set of signatures or known indicators of compromise that often lag behind attackers.
对于防病毒软件已更新的特征库的要求是什么?
What are the requirements for the antivirus database that has been updated?
相对于传统的特征码匹配方法,这些技术不依靠病毒库,可以防范未知病毒。
Compared with traditional character code matching method, these technology can prevent unknown viruses without virus library.
应用推荐