Educause Security Discussion mailing list archives
Re: Benign samples for testing AV vendors
From: John McCabe <john.mccabe01 () MANHATTAN EDU>
Date: Mon, 20 May 2019 18:07:04 -0400
Hi Bobby, I googled your name as I was not sure I understood your purpose. I see that you're an antivirus researcher so I wish you success in making AV better. AV is an example of a computation that does its best to ignore the Halting Problem. I'm of the mindset that false positive are fine as long as the user can report false positive back to the AV company and the AV company does its best to improve. To answer your question, I'm not sure if a dataset meant to measure the false positive rate of AV exists. It is too bad that spec.org does not have a specific dataset for this purpose. Others have mentioned that EICAR is technically a false positive but that's by design, which is uninteresting if you want to measure & compare the false positive rate of AV solutions. RHEL software should be easy to find from CentOS package repositories. You can always use yum to download the source RPM (SRPM) & compile with different optimization levels, to gather "extra" programs. See if https://chocolatey.org/ and https://ninite.com/ can give you enough executables for your testing. In my experience, they are virus-free. Don't use download.com, cnet.com, sourceforge, etc. Regards, John On Mon, May 20, 2019 at 4:39 PM Bridges, Robert A. < 0000008d8011d045-dmarc-request () listserv educause edu> wrote:
Hi, we’re planning on testing some AV vendors products. Is there a good way to collect or download known benign files for many different OSes, specifically Windows 7, 10, and RHET distros? Thanks Bobby Robert A. Bridges, PhD, Oak Ridge National Laboratory
-- *John McCabe * *Senior Information Security Manager & Data Protection OfficerInformation Technology Services* [image: Manhattan College Logo/Shield] Riverdale, NY 10471 Phone: 718-862-6217 john.mccabe01 () manhattan edu www.manhattan.edu
Current thread:
- Benign samples for testing AV vendors Bridges, Robert A. (May 20)
- Re: Benign samples for testing AV vendors Frank Barton (May 20)
- Re: Benign samples for testing AV vendors Kevin Wilcox (May 20)
- Re: Benign samples for testing AV vendors John McCabe (May 20)
- Re: [EXTERNAL] Re: [SECURITY] Benign samples for testing AV vendors Bridges, Robert A. (May 22)