四川大学学报(自然科学版)Issue(6):1216-1222,7.DOI:10.3969/j.issn.0490-6756.2013.06.012
基于中间代码的恶意软件检测技术研究
Malware detection technologies based on software intermediate code
摘要
Abstract
The intermediate code is a special style of software representation which locates between the machine language and the high level programming language ,and it can take advantage of understandable semantic information and actual execution condition for malware analysis .The malicious behavior infor-mation and characteristics can be easily found from the semantic information of intermediate code ,and malware detection or classification can be realized by analyzing the whole or local information of control flow graph .Machine learning facilitates security information and rules mining in a large number of com-plex software representations ,which is deemed as a kind of advanced malware detection method in recent malware research .This paper categorizes and analyzes the malware research technologies according to the semantic information and control flow structure of software intermediate code ,and makes deep anal-ysis to intermediate code processing and application methods based on machine learning .关键词
恶意软件检测/中间代码/软件特征/机器学习Key words
malware detection/intermediate code/software feature/machine learning分类
信息技术与安全科学引用本文复制引用
杨洪深,赵宗渠,王俊峰..基于中间代码的恶意软件检测技术研究[J].四川大学学报(自然科学版),2013,(6):1216-1222,7.基金项目
安徽省教育厅自然科学研究项目(KJ2012Z412);国家自然科学基金项目(11102124,61102076,60939002);教育部新世纪优秀人才计划项目(NCET-10-0604);四川省科技支撑计划项目 ()
