| 基于分层语义认知的恶意代码检测方法研究 |
| |
| 引用本文: | 冯芳梅,邵长庚,刘丹. 基于分层语义认知的恶意代码检测方法研究[J]. 通信技术, 2012, 45(5): 53-56 |
| |
| 作者姓名: | 冯芳梅 邵长庚 刘丹 |
| |
| 作者单位: | 电子科技大学电子科学技术研究院,四川成都,611731 |
| |
| 摘 要: | 这里提出一种基于分层语义认知的恶意代码智能检测方法,该方法将待检测程序在虚拟捕获环境中获取的行为数据进行分层认知,逐层抽象为行为特征,最后使用贝叶斯分类器对其恶意性进行判定。在语义认知过程中采用分层和归一化的方式降低加密与混淆的干扰,采用动静结合方式提高检测效率,采用正负差集运算的方式降低误报率。经测试,该方法具有高检测率,抗混淆能力强,可以快速、有效地识别代码中的恶意行为。
|
| 关 键 词: | 恶意代码检测 病毒检测 贝叶斯分类器 语义认知 信息安全 |
Malicious-Code Detection Method based on Layered Semantic Cognition |
| |
| FENG Fang-mei , SHAO Chang-geng , LIU Dan. Malicious-Code Detection Method based on Layered Semantic Cognition[J]. Communications Technology, 2012, 45(5): 53-56 |
| |
| Authors: | FENG Fang-mei SHAO Chang-geng LIU Dan |
| |
| Affiliation: | (Research Institute of Electronic Science and Technology,University of Electronic Science and Technology of China,Chengdu Sichuan 611731,China) |
| |
| Abstract: | An intelligent malicious-code detection method based on layered semantic cognition is proposed.This method cognizes behavior data from virtual capture environment layer by layer,transforms the raw data into behavior information from one layer to another,and finally with Bayesian classifier,judges whether it is a malware or not.In the process of cognition,the layered and normalized mode could reduce the interference of encryption and obfuscation,while the static and dynamic combination mode improve the detection efficiency,and the positive and negative set operation lower the false alarm rate.The experiments indicate that this method,with fairly high accuracy rate and strong anti-obfuscation ability,could detect malicious code efficiently and accurately. |
| |
| Keywords: | malicious-code detection virus detection Bayesian classifier semantic cognition information security |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
