Internet Association announces eight types of malicious software definitions

Internet Association of China officially announced the "malware definition" rules today. This is the first time an official organization has published a definition of malware. In the future, detection and removal of malware will be based on evidence.

Huang clarified that forced installation, hard to uninstall, browser hijacking, advertisement pop-up, malicious collection of user information, malicious uninstallation, and malicious bundling are among the following eight phenomena, other malicious behaviors that infringe the user's right to know and right to choose can be regarded as malware if one item is involved.

According to the introduction, in the future, the anti-malware identification Board will determine from the technical aspect based on this definition to determine whether it complies with the definition and characteristics of malware and provide decision-making opinions for the anti-malware Coordination Working Group.

Yang junzuo, leader of the Internet Association's anti-malware Coordination Working Group, said that once a software is identified as malware, the Internet Association will notify anti-virus software and killing tools to scan and kill it. (Liu Yang)

Detailed Rules for malware definition are attached:

To ensure the operability of the "malware definition" to continuously adapt to the development of the Internet, the following explanation is given for the "malware definition:

1. Force installation: the installation of software on the user's computer or other terminal is not explicitly prompted to the user or without the user's permission.

A) The user is not prompted during installation;

B) no explicit options are provided during the installation process;

C) users are not provided with the function of exiting the installation during the installation process;

D) prompt the user during the installation process that the user is not adequate or clear; (clear and adequate prompts include but are not limited to the software author, software name, software version, software functions, etc)

2. Hard to uninstall: it refers to the failure to provide a general method of uninstallation, or there is still activity after uninstallation without being affected or damaged by other software.Program.

A) there is no clear and general uninstall interface (for example, "add or delete programs" for "program groups" and "Control Panel" in Windows ");

B) when the software is uninstalled, additional mandatory conditions are attached, such as network connection, verification code input, and question answering.

C) It shall not be completely uninstalled without the impact of other software or human damage, and there shall be still subroutines or modules running (such as in the Process mode );

3. browser hijacking: changes the user's browser or other related settings without the user's permission, forces the user to access a specific website or causes the user to fail to access the Internet normally.

A) restrict users' modifications to browser settings;

B) add, delete, and modify the content of the website accessed by the user without authorization;

C) force users to access a specific website or fail to access the Internet normally.

D) modifying the user's browser or operating system settings leads to the above three phenomena.

4. Advertisement pop-up: means that the user is not explicitly prompted or uses software installed on the user's computer or other terminal to bring up the advertisement without the user's permission.

A) The user is not informed of the pop-up advertisement of the software during installation;

B) the pop-up advertisement cannot be closed;

C. When an advertisement pops up, the user is not notified of the software information of the advertisement;

5. Malicious collection of user information: Malicious collection of user information without explicitly prompting the user or without the user's permission.

A) when collecting user information, the user is not prompted to collect information;

B) No options are provided for users to select whether to allow information collection;

C) users cannot view information they have collected;

6. Malicious detaching: this means that the user is not explicitly notified, unauthorized, or misleading or deceiving the user to detach other software.

A) False description of other software;

B) prompt other software errors;

C) directly delete other software.

7. Malicious bundling: bundling software that has been recognized as malware.

A) install the identified malware along with the installation;

B) install or run other identified malware in various ways after installation.

8. Other malicious behaviors that infringe on Users' Right to Know and choose from.

These rules are formulated and modified by the Internet Society of China.

 

From http://news.csdn.net/n/20070616/105399.html