
Design and Implementation of Dual Malware Detection System

Cited by: 3
Abstract: As global informatization continues to accelerate, computer networks are widely used. At the same time, network security problems are growing more severe. Current malware detection techniques fall mainly into two kinds: static detection and dynamic detection. Each has its strengths and weaknesses, and neither copes well with a constantly changing network environment. The paper therefore combines the strengths of both techniques while avoiding their weaknesses, and proposes a novel dual malware detection system based on combined static and dynamic detection. Experiments show that the system detects malware fairly efficiently, lowers the false positive rate, and consumes few system resources.
Source: Computer Technology and Development (《计算机技术与发展》), 2013, No. 10, pp. 111-114 (4 pages)
Funding: National Natural Science Foundation of China (60803158); Graduate Starting Seed Fund of Northwestern Polytechnical University
Keywords: network security; malware; static detection; dynamic detection; static and dynamic combination
