|
|||||
|
|
| 基于云计算的病毒多执行路径 | |
| 引用本文: | 孟超,孙知信,刘三民.基于云计算的病毒多执行路径[J].吉林大学学报(工学版),2013,43(3):718-726. |
| 作者姓名: | 孟超 孙知信 刘三民 |
| 作者单位: | 1. 南京航空航天大学计算机科学与技术学院,南京,210016 2. 南京航空航天大学计算机科学与技术学院,南京210016;南京邮电大学宽带无线通信与传感网技术教育部重点实验室,南京210003 3. 南京航空航天大学计算机科学与技术学院,南京210016;安徽工程大学计算机与信息学院,安徽芜湖241000 |
| 基金项目: | 国家自然科学基金项目,江苏省高校自然科学研究重大项目,江苏省自然科学基金项目 |
| 摘 要: | 针对目前对于病毒的行为分析工具只能在单机系统中分析一条程序执行的路径,误报率很高的问题,提出了一种行为分析模型。该模型利用云计算海量资源,将病毒多条执行路径的分析移植到云计算虚拟机结点上完成。对每条病毒的执行路径分别在不同的虚拟机结点上并行同时执行分析,通过对虚拟机结点中系统调用的监控找出病毒在某种特定的条件下触发的恶意行为。在开源云平台Eucalyptus的实验表明,该模型可以检测出病毒的条件触发行为,找出触发恶意行为的条件和可以满足这些条件的输入数据,并且性能比单机系统有了很大提升。 |
| 关 键 词: | 计算机应用 云计算 云安全 病毒分析 行为分析 |
Multiple execution paths for virus based on cloud computing |
|
| MENG Chao,SUN Zhi-xin,LIU San-min.Multiple execution paths for virus based on cloud computing[J].Journal of Jilin University:Eng and Technol Ed,2013,43(3):718-726. | |
| Authors: | MENG Chao SUN Zhi-xin LIU San-min |
| Affiliation: | 1,3(1.College of Computer Science and Technology,Nanjing University of Aeronautics and Astronautics,Nanjing 210016,China;2.Key Laboratory of Broadband Wireless Communication and Sensor Network Technology,Nanjing University of Posts and Telecommunications,Ministry of Education,Nanjing 210003,China;3.College of Computer and Information,Anhui Polytechnic University,Wuhu 241000,China) |
| Abstract: | Virus analysis is the process of determining the purpose and functionality of a given virus sample.The current problem is that virus dynamic analysis tool can only analyze a single program execution in single computer system,thus the error rate is high.A new analysis model is proposed,which can use abundant resources of cloud computing system.It allows us to explore multiple execution paths and identify malicious actions that are executed when only certain conditions are met.Experiments are carried out in open-source cloud software,Eucalyptus.Results show the proposed model can detect the existence of trigger-based behavior,find the trigger conditions of such hidden behavior and identify the inputs satisfying those conditions.Its performance is superior to single computer system. |
| Keywords: | computer application cloud computing cloud security virus analysis behavioral analysis |
| 本文献已被 CNKI 万方数据 等数据库收录! | |