| 基于攻击树的文件风险评估方法 |
| |
| 引用本文: | 钟倩,方勇,刘亮,陈莉.基于攻击树的文件风险评估方法[J].通信技术,2011,44(5):77-79. |
| |
| 作者姓名: | 钟倩 方勇 刘亮 陈莉 |
| |
| 作者单位: | 四川大学信息安全研究所,四川,成都,610065 |
| |
| 摘 要: | 通过对已有文献提出的恶意代码检测方法进行分析改进,提出一种基于行为的静态分析、动态监视和攻击树匹配相结合的文件风险评估的方法。根据文件类型分别从静态和动态两个方面对文件进行分析。通过对攻击树结点间的关系和结点属性进行扩展,能够更好地匹配和描述恶意代码的各种行为。应用多属性效用理论量化结点权重,使评估更加客观准确。实验表明,该方法能够较准确的量化文件的风险程度。
|
| 关 键 词: | 恶意代码 攻击树 多属性效用理论 文件风险评估 |
File Risk Assessment based on Expanded Attack Tree |
| |
| HONG Qian,FANG Yong,LIU Liang,CHEN Li.File Risk Assessment based on Expanded Attack Tree[J].Communications Technology,2011,44(5):77-79. |
| |
| Authors: | HONG Qian FANG Yong LIU Liang CHEN Li |
| |
| Affiliation: | HONG Qian,FANG Yong,LIU Liang,CHEN Li(Information Security Institute of Sichuan University,Chengdu Sichuan 610065,China) |
| |
| Abstract: | Through analyzing and reforming the existing ways for malicious code detection a behavior-based file risk assessment method in combination with the technology of static analysis,dynamic monitoring and attack tree matching is proposed.Based on the file type,the file is analyzed from both static and dynamic aspects.By extending the relations between attack tree nods and attribute of these nodes,the various kinds of malicious conducts could be better matched and described.The multi-attribute utility theory is ... |
| |
| Keywords: | malicious code attack tree multi-attribute utility theory file risk assessment |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
