| 恶意代码的变形技术研究 |
| |
| 引用本文: | 吴丹飞,王春刚,郝兴伟.恶意代码的变形技术研究[J].计算机应用与软件,2012(3):74-77. |
| |
| 作者姓名: | 吴丹飞 王春刚 郝兴伟 |
| |
| 作者单位: | 山东大学计算机科学与技术学院;清华大学信息网络工程研究中心 |
| |
| 基金项目: | 国家重点基础研究发展计划(2009CB320505) |
| |
| 摘 要: | 恶意代码常常使用一些隐形技术来躲避反病毒软件的检测。然而,采用加密和多态技术的恶意代码已经难以躲避基于特征码和代码仿真技术的检测,而变形技术却呈现出较强的反检测能力。通过对变形技术作深入的分析,详细介绍了变形引擎及其所采用的代码混淆技术,以及当前的变形恶意代码检测技术,并简要分析了变形技术在软件防护领域的应用。
|
| 关 键 词: | 恶意代码 变形 变形引擎 混淆 软件保护 |
STUDY ON METAMORPHIC TECHNIQUE OF MALWARE |
| |
| Wu Danfei,Wang Chungang,Hao Xingwei.STUDY ON METAMORPHIC TECHNIQUE OF MALWARE[J].Computer Applications and Software,2012(3):74-77. |
| |
| Authors: | Wu Danfei Wang Chungang Hao Xingwei |
| |
| Affiliation: | 1(School of Computer Science and Technology,Shandong University,Jinan 250061,Shandong,China) 2(Network Research Center,Tsinghua University,Beijing 100084,China) |
| |
| Abstract: | Malware writers generally use stealth techniques to evade antivirus detection.However,the malware with encryption and polymorphic techniques is now difficult to evade the detection based on known signatures and code emulation.But the metamorphic technique represents more resistance to detection.In this paper,we give a thorough analysis on metamorphic technique and the detailed introduction of metamorphic engines and the code obfuscation techniques it uses,as well as contemporary detection technique against metamorphic melware.In addition,we briefly analyse the application of metamorphic technique in the field of software protection. |
| |
| Keywords: | Malware Metamorphism Metamorphic engine Obfuscation Software protection |
| 本文献已被 CNKI 等数据库收录! |
|
