| 基于行为分析的黑客攻击软件自动化分析工具的设计与实现 |
| |
| 引用本文: | 刘恒,文伟平,万正苏.基于行为分析的黑客攻击软件自动化分析工具的设计与实现[J].信息网络安全,2011(7):10-12. |
| |
| 作者姓名: | 刘恒 文伟平 万正苏 |
| |
| 作者单位: | 1. 北京大学,北京,102600
2. 湖南理工学院数学学院,湖南岳阳,414006 |
| |
| 摘 要: | 静态分析和动态分析是两种主流的恶意代码分析技术.随着反调试、程序补丁、代码混淆、多态和变型等技术的出现,静态分析技术的局限性越来越明显.该文设计了一种基于内核调用和正则表达式技术的恶意软件自动化分析工具,并用熊猫烧香病毒进行了验证,此工具提高了自动化分析的效率.
|
| 关 键 词: | 行为分析 恶意软件 动态分析 |
Design and Implementation of Malware Automated Analysis Tool Based on Behavior Analysis |
| |
| LIU Heng
,
WEN Wei-ping
,
WAN Zheng-su.Design and Implementation of Malware Automated Analysis Tool Based on Behavior Analysis[J].Netinfo Security,2011(7):10-12. |
| |
| Authors: | LIU Heng WEN Wei-ping WAN Zheng-su |
| |
| Affiliation: | LIU Heng1,WEN Wei-ping1,WAN Zheng-su2 ( 1.Peking University,Beijing 102600,China,2. Hunan Institute of Science and Technology of Mathematics,Yueyang Hunan 414006,China ) |
| |
| Abstract: | Static analysis and dynamic analysis are the two common analysis methods in malware analysis. With the anti-debugging, program packers, code obfuscation, polymorphism and variants such technologies coming out, the limitations of static analysis methods become more and more. Here is a tool to dynamic analysis Malware Code based on kernel callback and Regular Expressions, demonstrate it’s capabilities by analyzing the Fujacks .As a result ,improved the efficiency of the tool in the automating analysis. |
| |
| Keywords: | Behavior analysis Malware Dynamic analysis |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
