信息融合技术在计算机病毒检测中的应用

该文通过分析计算机病毒的特征和行为,将信息融合技术应用于计算机病毒的检测中,提出了用于计算机病毒检测的信息融合模型,并应用贝叶斯网络的方法给出了信息传播的方法。利用病毒数据库中的病毒特征和行为,给出了一个计算机病毒恶意行为检测的信息融合算法,最后通过实验分析证实了该方法的可行性。     

浅论计算机病毒及检测方法

本文从病毒的定义、计算机病毒自身特征、病毒分类、病毒发展的特点、计算机病毒的基本机制、计算机病毒的检测方法几个方面来说明计算机系统是脆弱的,计算机病毒的危害是巨大的。因此,为了确保信息的安全与畅通,一定要作好对病毒的检测防范工作。     

浅论计算机病毒及检测方法

本文从病毒的定义、计算机病毒自身特征、病毒分类、病毒发展的特点、计算机病毒的基本机制、计算机病毒的检测方法几个方面来说明计算机系统是脆弱的,计算机病毒的危害是巨大的。因此,为了确保信息的安全与畅通,一定要作好对病毒的检测防范工作。     

关于网络蠕虫病毒的原理剖析

目前,计算机病毒可以渗透到信息社会的各个领域,给计算机系统带来了巨大的破坏和潜在的威胁。为了确保信息的安全与畅通,研究计算机病毒的防范措施已迫在眉睫。近年来,病毒日益猖獗,本文主要剖析蠕虫病毒的原理。     

计算机病毒数据库及其信息管理平台的设计与实现

该文提出了如何建立一个病毒样本丰富、病毒属性信息完整的病毒数据库,以及对应的计算机病毒信息管理平台,并从不同途径获取病毒样本和病毒描述信息,比如:标准格式Email,带病毒文件的Email,用户Ftp上传的文件和Web上传文件等,然后对这些信息进行适当的处理,通过计算机病毒信息管理平台输入到病毒数据库中。文章给出了该项目的平台功能模块、系统设计以及病毒数据库的完整属性标注。     

计算机病毒的发展趋势与防治

在计算机病毒的发展史上,病毒的出现呈现一定的规律性。计算机病毒技术不断提高,因此,研究未来病毒的发展趋势,能够更好的开发反病毒技术,保障信息产业的健康发展。     

基于信息隐藏技术的PE病毒防治

提出一种基于信息隐藏技术的方法来防范和对付PE病毒.该方法利用PE文件结构和PE病毒只侵袭可执行文件而不攻击数据文件的特性,将可执行文件头隐藏于数据文件之中,达到保护可执行文件的目的.实验验证了该方法的可行性.分析了该方法的长处和不足,与其它防病毒方法相比,该方法具有很好的信息隐藏量,能防范已知的可执行文件类计算机病毒,也能防范未知的和未来的该类计算机病毒.     

DOS下内存中计算机病毒的自动查消

目前,个人计算机逐步普及,但有些计算机用户对计算机安全缺乏足够的认识,为计算机病毒的传播打开了方便之门.少数人或为证明自己的能力或出于某些其他目的,制造并传播计算机病毒,造成计算机病毒数的猛增.现在的查消病毒的软件只是跟着病毒走,随着病毒的发展不断推出新版本.我们认为对病毒的自动查消应是努力的方向.当内存中存在计算机病毒时,对于存储介质上病毒的消除是不安全的,因为在我们消除病毒的同时,由于内存病毒的存在,可能使存储介质在消除病毒的同时染上病毒,所以只有确认内存中不存在计算机病毒,才能保证消除过程是安全的.因此如何判断内存中有没有病毒,存在何种病毒,如何消毒,是消除存储介质上病毒的前提.     

一种基于Agent的分布式病毒防御系统

目前的高速局域网为计算机病毒通过网络传播搭建了理想的高速通道,使得病毒在局域网范围内容易迅速蔓延.因此需要探讨一种局域网内的新型杀毒软件系统,这是一种结合了分布式和Agent技术优点的,智能、主动的计算机病毒防御系统.该系统具有高度的信息共享能力,当某一台主机受到病毒危害时,局域网内的所有主机将迅速获得相关信息,并有针对性地进行系统加固,使整个网络的安全性大幅提高.     

计算机病毒的研究与防治

随着网络通讯技术的飞速发展,计算机网络已逐渐渗透到人们社会生活的各个领域,并成为信息传播的重要媒介.本文主要是分析了计算机病毒的一些基本情况,并且对计算机病毒的一些实用的技术进行介绍,对计算机病毒的防治具有一定的指导作用.本文主要是采用理论分析的方法进行写作的.本文重点介绍了计算机病毒的内涵、类型及特点和计算机病毒的技术分析以及对计算机病毒攻击的防范的对策和方法.本文的写作主要成果就是详细的分析的病毒的内涵以及相应的防治方法,主要是借鉴一些专家的分析思路进行分析.     

浅谈网络病毒及防治

随着计算机网络的普及发展,网络安全问题日益突出,网络病毒的迅速传播、再生、发作比单机病毒有着更大的危害,计算机网络病毒的危害已不仅是针对网络,其危害已经具有社会性。对企业及个人用户的破坏性正在加速,在全世界范围内造成了很大的经济和社会损失,网络病毒问题必须引起人类的足够的重视。     

计算机病毒防治

近年来,出现许多杀伤力极强的计算机病毒,在形式上日益多样,在危害程度上日益严重,本文简要介绍当前计算机病毒的概念,重点描述了病毒的传播途径,相应的检测方法,提出一些病毒清除方法以及有效可行的防治病毒的措施。     

计算机病毒防治

近年来，出现许多杀伤力极强的计算机病毒，在形式上日益多样，在危害程度上日益严重，本文简要介绍当前计算机病毒的概念，重点描述了病毒的传播途径，相应的检测方法，提出一些病毒清除方法以及有效可行的防治病毒的措施。     

Control on the transmission of computer viruses in network

This study made an inductive discussion on the definition and characteristics of computer viruses and analyzed virus transmission models as well as virus control. Like tumor cells in human body, computer viruses will rapidly transfer and disperse if they are not controlled, indicating a poor stability. To investigate the transmission control of computer viruses, a dynamical model was established for virus transmission and the concept of “equivalent day” was introduced to analyze the dynamic characteristics of discrete transfer of the model and the stability of virus-free equilibrium points and endemic equilibrium points. The characteristic value was obtained by calculating the equation of the model. Moreover, the necessary and sufficient conditions for virus-free and endemic equilibrium points of the model were obtained by proof using Lyapunov first method and disc theorem. Then the model was compared with SIS and SIR models. Finally, a control item was added based on the virus discrete transmission model and the transformation trends of the number of the infected principle machine and the infective principal machine before and after the addition of the control item were compared. In this way, the optimal control strategy for virus transmission model was designed and the effectiveness of the optimal control was verified.     

Is The Virus Problem Getting Worse?

The number of known viruses exceeded 50?000 in August 2000. The vast majority of those (74%) are parasitic viruses (attacking executables), second most populous are macro viruses (19%) and 7% are boot sector viruses. In May 2000, 88% of infections reported to Sophos were due to macro viruses, 9% were parasitic viruses and only 3% were boot sector viruses. Note that a reported infection is counted as a single unit regardless of whether the virus infected one machine or 10?000 machines: the statistics quoted are not ‘bomb-proof’, but simply an indication of what is out there.     

磁碟机病毒破坏机制与防治策略研究

磁碟机病毒及其变种是近几年来病毒技术含量最高、破坏性最强的病毒,已感染数十万台计算机,造成的损失远远超过"熊猫烧香"。为了能有效地防御和查杀该病毒,该文特地对磁碟机病毒进行了深入的研究,分析了磁碟机的破坏机制,指出了磁碟机的种种危害,提出了防治磁碟机的几种技术方法,这对当前防御和清除磁碟机病毒具有一定的现实意义。     

Code mutation techniques by means of formal grammars and automatons

The paper describes formalization of existing code mutation techniques widely used in a viruses (polymorphism and metamorphism) by means of formal grammars and automatons. New model of metamorphic viruses and new classification of this type of viruses are suggested. The statement about undetectable viruses of this type is proved. In that paper are shown iterative approach toward construct complex formal grammars from the simplest initial rules for building metamorphic generator. Also there are some samples of applied usage of formal grammar model. The experiment for system call tracing of some viruses and worms is described. Possibility of using system call sequences for viruses detecting is shown.     

Spam & Sobig: arm in arm

This is the sordid tale of how a lone computer virus opened the door for millions of spam emails every day worldwide. In order for the reader to understand how this happened, this article will explain some concepts in spam, viruses and backdoors. Viruses sometimes leave backdoors, also known as “trojans,” on systems they infect; this is nothing new. The idea is to give the virus writer control over a large quantity of infected computers, establishing a virtual army of computers to do his or her bidding.     

Characterization of virus replication

New viruses spread faster than ever and current signature based detection do not protect against these unknown viruses. Behavior based detection is the currently preferred defense against unknown viruses. The drawback of behavior based detection is the ability only to detect specific classes of viruses or have successful detection under certain conditions plus false positives. This paper presents a characterization of virus replication which is the only virus characteristic guaranteed to be consistently present in all viruses. Two detection models based on virus replication are developed, one using operation sequence matching and the other using frequency measures. Regression analysis was generated for both models. A safe list is used to minimize false positives. In our testing using operation sequence matching, over 250 viruses were detected with 43 subsequences. There were minimal false negatives. The replication sequence of just one virus detected 130 viruses, 45% of all tested viruses. Our testing using frequency measures detected all test viruses with no false negatives. The paper shows that virus replication can be identified and used to detect known and unknown viruses.     

计算机病毒及反病毒技术的探讨

计算机病毒是威胁网络安全的重要因素之一。该文在明确计算机病毒概念的基础上,分析了目前常见病毒的分类,重点探讨了目前流行的反病毒技术,涉及到特征值反毒、虚拟机反毒及启发式扫描。该文对于提高用户防病毒意识,了解目前最基本的反病毒技术及其水平具有一定的参考价值。