计算机与数字工程2019,Vol.47Issue(5):1179-1183,5.DOI:10.3969/j.issn.1672-9722.2019.05.032
基于特征匹配的恶意代码变种检测
Detection of Malicious Code Variations Based on Feature Matching
摘要
Abstract
With the rapid development of computer network technology,the malicious code changes brought serious threat to information security,especially with the development of code obfuscation techniques and shell technology,mass automation mali?cious code can produce multiple variations in response to anti-virus software testing. In this paper,through calculating the hamming distance between malicious code and its variant and cosine similarity analysis of malicious code,the text characteristic can be com?pared between the unknown type of malicious code and the known types of malicious code. The purpose is to achieve the rapid classi?fication of malicious code to be tested,which gives the malicious code category. The results show that the test results are highly rep?resentative and deceptive.关键词
恶意代码/特征匹配/海明距离/余弦相似度Key words
malicious code/feature matching/hamming distance/cosine similarity分类
信息技术与安全科学引用本文复制引用
齐玉东,孙明玮,丁海强,李程瑜..基于特征匹配的恶意代码变种检测[J].计算机与数字工程,2019,47(5):1179-1183,5.
