| 一种语义感知的多态攻击签名产生方法 |
| |
| 引用本文: | 涂风涛.一种语义感知的多态攻击签名产生方法[J].四川激光,2014(7):63-67. |
| |
| 作者姓名: | 涂风涛 |
| |
| 作者单位: | 南昌师范高等专科学校,南昌330103 |
| |
| 摘 要: | 针对传统串模式挖掘与匹配技术难以生成有效的多态攻击签名。文章提出了一种语义感知方法。它在传统方法基础上,分析多态引擎特征,利用静态数据流分析提取不变语义代码,并基于特征分类生成二层多态签名。同时,它包含代码的多态语义与串模式。与已有方法的实验比较表明,该方法能有效降低签名的虚警率和漏报率。
|
| 关 键 词: | 串模式 多态 元变换 攻击签名 语义感知 检测 |
A Semantic Aware Method for Polymorphic Signatures Generation |
| |
| TU Feng-tao.A Semantic Aware Method for Polymorphic Signatures Generation[J].Laser Journal,2014(7):63-67. |
| |
| Authors: | TU Feng-tao |
| |
| Affiliation: | TU Feng-tao (Nanchang Teachers College, Jiangxi, Nanchang 330103, China) |
| |
| Abstract: | It is difficult for security experts to generate polymorphic signatures by using traditional string mining and matching techniques. A semantic aware method is presented to generate a kind of two-level signature that in-cludes both polymorphic semantics and string patterns. It firstly analyzes characteristics of polymorphic engines and categorizes the data flows into different clusters, then uses static dataflow methods to extract invariable semantic in-structions. At last, it combines traditional string methods to generate the signature. In comparison with other meth-ods, experimental results show it may effectively reduce false positives and false negatives. |
| |
| Keywords: | String Pattern Polymorphism Metamorphism Attack Signature Semantic Aware Detection |
| 本文献已被 CNKI 维普 等数据库收录! |
|
