Malware detection method based on covering sensitive points

Qin Yanfeng, Wang Qingxian, Zeng Yongjun, Xi Qi

Application Research of Computers (计算机应用研究), Issue (11): 3439-3442, 4. DOI: 10.3969/j.issn.1001-3695.2015.11.056

Malware detection method based on covering sensitive points

Qin Yanfeng¹, Wang Qingxian², Zeng Yongjun¹, Xi Qi¹

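Author information

  • 1. State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001
  • 2. Department of Language Engineering, Luoyang University of Foreign Languages, Luoyang, Henan 471003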

Abstract

In order to improve the detection efficiency and accuracy of the malicious code and the variant, this paper proposed a malicious code detection method based on covering sensitive points, using the dynamic and static analysis technology. Firstly, it used the static analysis technology to identify those sensitive points and sensitive paths that contained malicious or sensitive behaviors. Then it executed and analyzed these sensitive paths using the dynamic symbolic execution technology, and extracted the feature of the system call graph which could express the behavior semantic of malicious codes. Finally, it detected and identified the family of the object code by matching the feature graph. The experiment shows that this method can improve the analysis efficiency and recognition rate of malicious codes and their variants.

Key words

malware detection / sensitive behavior function / system call graph / sensitive path / symbolic execution

Classification

Information Technology and Security Science

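Cite this article

Qin Yanfeng, Wang Qingxian, Zeng Yongjun, Xi Qi. Malware detection method based on covering sensitive points [J]. Application Research of Computers, 2015, (11): 3439-3442, 4.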

Funding

Project supported by the National "863" Program ()

Journal: Application Research of Computers

Indexing: OA, Peking University Core (北大核心), CSCD, CSTPCD

ISSN: 1001-3695
