
Research on the Cooperative Detection Technology of Trojan Horses Based on Bayes Algorithm (cited by: 1)
Abstract: To address the shortcomings of existing Trojan horse detection software on Windows in countering polymorphic and unknown Trojan horses, this paper proposes a cooperative detection approach and presents a formal model of cooperative Trojan horse detection. The model defines a database of Trojan horse behavior characteristics and uses Bayes' theorem to calculate the probability that a program is a Trojan horse. In addition, the cooperative detection scheme is used to counter polymorphic variants of Trojan horses, which improves detection accuracy. Compared with traditional detection methods, the main merit of the scheme is that it effectively detects both polymorphic variants of known Trojan horses and newly emerging ones, with relatively high accuracy.
Source: Mechatronics (《机电一体化》), 2008, No. 9, pp. 35-38 (4 pages)
Funding: National Defense Basic Scientific Research Project (C2720061361)
Keywords: Trojan horse; polymorphism; behavior characteristics; cooperative detection
