重庆大学学报:自然科学版2012,Vol.35Issue(2):65-70,6.
恶意代码的符号执行树分析方法
A malware analysis method based on symbolic execution tree
摘要
Abstract
In the malware analysis, it is a common method to monitor malware dynamically in a virtual environment. However, with so many branches of executable pathes, path explosion problem will probably occur, leaving some executable pathes uncovered, and hence harming the comprehensiveness of analysis. To solve this problem, we propose a rnalware analysis method based on symbolic execution tree. This method introduces sinknode and solves the execution of malicious code path by constructing the symbolic execution tree, so improves the analysis of comprehensive. Experiments to analyze the samples of malware show that the method can enhance the efficiency of the analysis with lower time complexity.关键词
符号执行/路径爆炸/恶意代码分析/汇聚节点/二进制程序分析Key words
symbolic execution/path explosion/malware analysis/sink node/binary analysis分类
信息技术与安全科学引用本文复制引用
钟金鑫,魏更宇,安靖,杨义先..恶意代码的符号执行树分析方法[J].重庆大学学报:自然科学版,2012,35(2):65-70,6.基金项目
国家自然科学基金资助项目 ()
