| 基于病毒行为序列的未知病毒分析技术研究 |
| |
| 引用本文: | 郑重,王志英,陈顼颢,黄訸.基于病毒行为序列的未知病毒分析技术研究[J].计算机安全,2010(5):4-5. |
| |
| 作者姓名: | 郑重 王志英 陈顼颢 黄訸 |
| |
| 作者单位: | 国防科学技术大学计算机学院,湖南,长沙,410073 |
| |
| 摘 要: | 提出了一种在虚拟执行技术支持下基于病毒行为序列的未知病毒分析检测技术。该技术可以克服病毒特征代码扫描法不能识别未知病毒的特点。在模拟的虚拟执行环境中对该方法进行了测试,测试表明了该方法的可行性和较高的准确性。
|
| 关 键 词: | 计算机病毒 虚拟执行 行为序列 病毒检测 |
Unknown Computer Virus Detection Based on Its Behavior Sequence |
| |
| ZHENG Zhong,WANG Zhi-ying,CHEN Xu-hao,HUANG He.Unknown Computer Virus Detection Based on Its Behavior Sequence[J].Network & Computer Security,2010(5):4-5. |
| |
| Authors: | ZHENG Zhong WANG Zhi-ying CHEN Xu-hao HUANG He |
| |
| Affiliation: | School of Computer Science;National University of Defense Technology;Changsha;Hunan 410073;China |
| |
| Abstract: | A algorithm to detect and analyze computer virus based on its behavior sequence under the support of virtual execution technology is presented in this paper.It can overcome the shortage of normal virus scanner,which could not detect unknown virus.Tests in a simulating virtual execution environment indicated that this algorithm is feasible and accurate. |
| |
| Keywords: | Computer virus Virtual execution Behavior sequence Virus detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
