The birth of the independent antivirus engine is the history of blood and tears in the paper market
In the second half of 2014, Tencent, Baidu and 360 heavy soldiers gathered in the security circle. In June, Tencent's independent anti-virus engine project passed international evaluation. In October, Baidu announced the self-developed anti-virus engine "Snow Wolf Engine". In November, when the online user festival was held in 360, the QVM engine was vigorously promoted to create a new technical road. In the end, what prompted several major Internet giants to rush into the field of network security?
If we look back at the history of antivirus engines in the market, we will realize that their motivation is actually all kinds of embarrassment and hidden worries:
The acquisition of Macfee by Intel for $ 7.7 billion in 2010 has proved that building an anti-virus engine with international advanced technology level requires at least continuous investment of billions of dollars and a large number of top technical talents, as well as sufficient virus sample accumulation and virus acquisition channels . This is unimaginable for the first generation of anti-virus software vendors represented by Jiangmin, Rising and Kingsoft. After the "3Q War", the Internet giants led by Tencent Baidu finally realized that it would not be possible to win the trust of the majority of netizens without an excellent antivirus engine, and then they made up their minds and devoted themselves to the research and development of independent antivirus engines.
But before the independent antivirus engine became successful, China's antivirus software manufacturers had to "make wedding clothes for others" for free-so far, the most installed antivirus software, which contains the antivirus engines of major overseas manufacturers. Domestic anti-virus software manufacturers not only have to obey the flexible quotes offered by these overseas anti-virus engine service providers to pay real gold and silver cooperation fees, they are accompanied by free-to-measure free marketing, and they must also provide anti-virus software to users for free.
What is more serious is that if a small number of people with ulterior motives directly control the computer through the "back door" of the antivirus engine, then the entire network system is almost equivalent to "opening the city gate" and giving up the network dominance to others. This will threaten China's political, military, economic, and cultural security. From the perspective of maintaining national information security, if China's independent anti-virus engine research and development progress is not accelerated, it will not be able to keep up with the country's strategic needs. Therefore, the research and development and promotion of domestic independent free antivirus engines have reached an urgent moment.
Three autonomous antivirus engines: different trajectories, mixed worries
With the successive appearances of the three domestic independent antivirus engines in the second half of this year, we can now preliminary review the latest progress of the Internet giants in the security field, and we can find that their respective trajectories are different:
In June, Tencent Computer Butler passed the VB100 test only by turning on the independently developed TAV antivirus engine. This is the most important milestone on the domestic independent antivirus engine-because VB100 represents the most stringent and harsh test environment, only 100 % All tests can get certification. Even if there is a missed investigation or manslaughter, you cannot pass the level. This shows that the first domestic anti-virus engine that has reached the world advanced level has been successfully developed by Tencent, and the TAV engine has the ability to replace overseas anti-virus engines. There is no doubt that this is a major breakthrough in the history of Chinese security software.
In October, Baidu made a high-profile promotion for "Baidu Anti-Virus 3.0", publicizing that the software uses an independently developed "Snow Wolf Engine". However, when Baidu introduced the "Snow Wolf Engine", it had to enumerate a series of new terms such as "quantum killing", but did not explain the more specific new technology principles. From this we can judge that the antivirus engine has just entered the international perspective. , In the embryonic test stage. What Baidu urgently needs to improve is to expand user installations and market share, so as to ensure that this new engine can obtain a sufficient number of virus sample libraries and acquisition channels.
In November, the 360 Fan Festival mentioned the progress and achievements of the self-developed QVM engine. However, currently 360 mainly talks about the overall performance of the 360 antivirus software in the VB100. It has not taken out the QVM engine to participate in related tests. 360 also very frankly stated in the relevant publicity article that the advantage of the QVM engine is "make 360 antivirus more effective. brisk".
It can be seen that the research and development of China ’s independent antivirus engine is still at the stage of “one foot just entering the threshold of the temple”: the existing TAV antivirus engine developed by Tencent has been truly developed and can gradually replace the overseas antivirus engine.
Perspective on the reasons for the development of antivirus engines are quite different: corporate culture determines their "personality"
If we carefully study the existing information, we will find that the three major independent antivirus engines have obvious "personality": the "personality" of Tencent TAV antivirus engine can be described as "stable"-hundreds of millions of user levels The accumulation of 2.4 million applications on the open platform, etc., has made Tencent ahead of other peers in the two key hard indicators of the accumulation of the sample database and channels. Therefore, the Tencent TAV antivirus engine is particularly good at extracting virus and Trojan horse signatures. Perform identification and killing.
As a victim of the black Trojan horse industry for many years, the major software and services of Tencent are the primary targets of many hackers and Trojans. No wonder Tencent can obtain the most comprehensive virus sample database and collection channels, which has also become the Tencent TAV antivirus. The main reason why the engine can successfully cope with various severe tests, especially the "single-headed" VB100.
To ensure foolproof, Tencent also introduced innovative dynamic simulation detection technology in the TAV antivirus engine. Simply put, Tencent's thinking is based on killing virus trojans in the most extreme environments. To this end, the samples are virtualized in their own bodies, so that the virus samples can be learned before they can do bad things. This kind of patience polishing of "foreseeing the future" is another proof of Tencent's comprehensive stability.
In contrast, Baidu does not explain much about the specific technical principles of the "Snow Wolf Engine", but it has a lot of publicity-after all, Baidu is very experienced in marketing, so it gave out terms such as "quantum killing" and mentioned "Baidu Artificial intelligence and big data such as the brain can help the engine. However, after all, Baidu ’s qualifications in security software are still low. Last year, it released “Baidu Anti-Virus 1.0”. The actual effect of the “Snow Wolf Engine” has yet to be verified by VB100. This also means that “Snow Wolf Engine” is still “ "Youth wolf", personality is relatively "tender".
The personality of the second-generation QVM engine of 360 is obviously more "demon"-by focusing on artificial intelligence technology, a set of algorithms are found to learn and learn the rules of virus changes. This is a shortcut to virus killing, but if you encounter a new virus that is “unreasonable and unscrupulous” or programming normal software that is not standardized, the killing effect is difficult to say because it is not included in the calculation of its algorithm. In fact, the speed of 360 killing and killing is very famous in the industry, but the false alarm rate has always been high. This effect of "killing 10,000 enemies and causing damage to three thousand" is currently not the mainstream in the industry.
To sum up, Tencent "has long been a good doctor", Baidu is keen on marketing "drawing a blueprint", and 360 likes the company history and corporate culture of "undefeated, let's do it first", which determines the "personality of each antivirus engine" And results are different.
Domestic anti-virus engines take a step forward and need to continue their efforts
From this point of view, it took billions of dollars of national cybersecurity elites and spent many years. Domestic manufacturers finally developed several independent antivirus engines, which can provide independent antivirus services for the majority of Internet users and government and enterprise users. Is it worth it? From the perspective of safeguarding national security and social development, as well as the specific needs of protecting the vital interests of netizens, it is indeed worthwhile to do so. And with the Tencent TAV engine taking the lead in "breaking the line", after proving such a huge price, we finally In exchange for the contrasting results.
Of course, what we should see more is that information security is an important guarantee for China to fight against hegemonism and resist information aggression. Although the development of domestic independent anti-virus engines has been developed in the past, it will eventually be among the internationally advanced technology levels to achieve accurate detection and killing. This is the result that everyone is most willing to see.Reprinted please indicate: http://marurah.com