
Analysis of a Static Malicious Code Detection Method Based on Opcode Sequences


Abstract
With the wide spread of networks and the progress of computer technology, computer information security is facing a great threat, and malicious code is the main culprit. The growth of malicious code and the development of the underlying technology not only bring much inconvenience to daily life, but also cause enterprises and users to suffer huge economic losses. Some malicious code can even harm national information security.
As malicious code detection and anti-detection technologies develop in opposition to each other, the large number of new malicious code samples produced every day puts tremendous pressure on analysts. Today, malicious code detection capabilities fall far short of demand. Malicious code detection technology is divided into two approaches, static and dynamic. Static detection reaches its result from the content and structure of the code, while dynamic detection executes the code in a virtual environment. However, with the development of code obfuscation techniques, some static detection methods are facing a challenge, and some malicious code can hide its malicious behavior to evade detection in a virtual environment. Therefore, how to deal with the explosion of malicious code, and especially with its variants, becomes the focus of research on malicious code detection technology.
In this paper, we propose a new method of static malicious code detection based on opcode sequences. Unlike other methods, this method extracts the opcode sequences through the program's control flow graph and uses them as the characteristic. Firstly, shell malicious codes. Secondly, disassemble the malicious code, then build the program's control flow graph by writing a plugin and extract the opcode sequences. Thirdly, extract the characteristics using the n-gram algorithm and select features using the information gain and document frequency methods. Finally, detect the malicious code using machine learning classification algorithms
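The feature stage described in the abstract (opcode n-grams, a document-frequency filter, then ranking by information gain) can be sketched as follows. This is an added example, not code from the thesis: the opcode sequences and labels are constructed, the function names and thresholds are assumptions, and disassembly, control-flow-graph construction and the final classifier are not shown.

```python
import math
from collections import Counter

# Constructed sample data: opcode sequences as they might be read off
# control-flow-graph paths, labelled 1 (malicious) or 0 (benign).
SAMPLES = [
    (["push", "mov", "xor", "xor", "loop", "jmp"], 1),
    (["mov", "xor", "xor", "loop", "call", "ret"], 1),
    (["push", "xor", "xor", "loop", "jmp", "ret"], 1),
    (["push", "mov", "call", "add", "pop", "ret"], 0),
    (["push", "mov", "sub", "call", "pop", "ret"], 0),
    (["mov", "add", "call", "pop", "ret", "nop"], 0),
]

def ngrams(opcodes, n):
    """Set of opcode n-grams present in one sequence."""
    return {tuple(opcodes[i:i + n]) for i in range(len(opcodes) - n + 1)}

def entropy(counts):
    total = sum(counts)
    return -sum(c / total * math.log2(c / total) for c in counts if c)

def information_gain(present, labels):
    """IG of a binary feature (n-gram present/absent) w.r.t. the class label."""
    base = entropy(list(Counter(labels).values()))
    cond = 0.0
    for value in (True, False):
        subset = [l for p, l in zip(present, labels) if p == value]
        if subset:
            cond += len(subset) / len(labels) * entropy(list(Counter(subset).values()))
    return base - cond

def select_features(samples, n=2, min_df=2, top_k=3):
    """Drop n-grams seen in fewer than min_df samples, rank the rest by IG."""
    grams = [ngrams(ops, n) for ops, _ in samples]
    labels = [label for _, label in samples]
    df = Counter(g for s in grams for g in s)
    scored = [(information_gain([g in s for s in grams], labels), g)
              for g, count in df.items() if count >= min_df]
    scored.sort(key=lambda t: (-t[0], t[1]))
    return [(g, round(ig, 3)) for ig, g in scored[:top_k]]

if __name__ == "__main__":
    for gram, ig in select_features(SAMPLES):
        print(" ".join(gram), ig)
```

The selected n-grams become the columns of a presence/absence feature matrix that a classifier is then trained on.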
