期刊文献+

基于M序列的恶意代码分片插入机制

Malicious Code Splitted and Inserted Based on M Sequence
下载PDF
导出
摘要 恶意代码的生存周期包括恶意代码的产生、传播、隐藏和破坏。其中,隐藏是恶意代码生存周期中极其重要的一环。研究恶意代码的隐藏技术,了解隐藏技术的原理和关键技术,才能更好地防御恶意代码的攻击。目前,恶意代码的深层隐藏与检测技术已经成为当前计算机安全领域的一个研究热点。为了更深入地研究恶意代码,首先分析恶意代码的模糊变换和分片插入技术,然后利用M序列的随机性和状态遍历特性,提出了一种基于M序列的恶意代码分片插入机制。实验证明该机制能够有效提高恶意代码的随机性和抗分析能力。 The life cycle of the malicious code includes generation,transmission,hidden and disrupt.Among there,hidden is extremely important in the life cycle.In order to prevent the attack of malicious code,the principle and key technology of the hiding technology must be researched.Now,the deep hiding and detecting technology of malicious code has already become one of the research hotspots in the field of computer security.In order to have a deep study on the malicious code,firstly introduces the technology of splitting and inserting and the technology of obfuscating transformation for malicious code.Then basic the randomicity and all condition reached characteristics of M sequence,a technology of splitting and inserting based on M sequence is proposed.Test showed this method can improve the randomicity and anti-analyze ability of malicious code.
出处 《计算机技术与发展》 2010年第10期194-197,共4页 Computer Technology and Development
基金 国家863计划(2007AA701302 2009AA701202)
关键词 恶意代码 模糊变换 分片插入 M序列 malicious code obfuscating transformation splitting and inserting M sequence
  • 相关文献

参考文献8

  • 1Zhang Xi,Saha D,Chen Hsiao-Hwa.Analysis of virus and anti-virus spreading dynamics[C] //Global Telecommunications Conference,2005.GLOBECOM'05.[s.l.] :IEEE,2005:1-5.
  • 2Collberg C S,Thomborson C.Watermarking,Tamper-proofing and Obfuscation Tools for Software Protection[J].IEEE Transactions on Software Engineering,2002,28(8):735-746.
  • 3Sherriff L.Encryption vs antivirus[EB/OL].2001.http://www.theregister.co.uk/2001/02/07/encryption_vs_ antivirus.
  • 4张勐,杨大全,辛义忠,赵德平.计算机病毒变形技术研究[J].沈阳工业大学学报,2004,26(3):309-312. 被引量:14
  • 5Sun Jianhua,Qin Jizha,Chen Shu,et al.A Virus Immunization Model Based on Communities in Large Scale Networks[C] //Eighth ACIS International Conference,2007.Qingdao:[s.n.] ,2007:917-922.
  • 6Zivkovi M.A Table of Primitive Binary Polynomicals[J].Mathematics of Computation,1994,62(205):385-386.
  • 7Shift Registers and Counters[EB/OL].1997.http://www.eelab.usyd.edu.au/digital-tutorial/part2/register07.html.
  • 8张登银,洪福鑫.典型Shellcode引擎特征检测方法研究[J].计算机技术与发展,2010,20(1):18-21. 被引量:1

二级参考文献12

  • 1李冰.关于主动防治计算机病毒的几点探讨[J].中央民族大学学报(自然科学版),2001,10(2):170-174. 被引量:9
  • 2何乔,吴廖丹,张天刚.基于shellcode检测的缓冲区溢出攻击防御技术研究[J].计算机应用,2007,27(5):1044-1046. 被引量:7
  • 3SANS Institute. The Twenty Most Critical Internet Security Vulnerabilities[ EB/OL], 2006 - 05 - 31. http://www, sans. oft/top20/.
  • 4ARCE I. The shellcode generation[J]. IEEE Security & Privacy, 2004,2(5) :72 - 76.
  • 5San.渗透防火墙的shelcode技术[EB/OL].2004.http://www. forccus, net/projects/Xeon/2004/Xcon2004_ san. pdf.
  • 6Sk. History and advances in Windows shellcode [ EB/OL ]. 2004. http://www, phrack, org/show, php? p = 62&a = 7.
  • 7R IX. Writing IA32 alphanumeric shellcodes[J]. Phrack Magazine,2004,12(57) :15 - 18.
  • 8SKAPE. Understanding Windows shellcode[ EB/OL]. 2003 - 10- 23. htp://www, hick. org/code/skape/papers/win32 - shellcod, pdf.
  • 9Destr lstan T, Ulensp legel T. Polymophic shellcode engine using spectrum analysis[ J ]. Phrack Magazine, 2003,11 (61) : 9-15.
  • 10AKA TW. Writing UTF--8 compatible shellcodes[J ]. Phrack Magazine, 2003,11 (61) : 1 - 3.

共引文献13

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部