| 恶意代码行为获取的研究与实现 |
| |
| 引用本文: | 陈培,高维.恶意代码行为获取的研究与实现[J].计算机应用,2009,29(Z2). |
| |
| 作者姓名: | 陈培 高维 |
| |
| 作者单位: | 电子科技大学,计算机科学与工程学院,成都,610054 |
| |
| 摘 要: | 分析对比了恶意代码的静态分析方法和动态分析方法,设计并实现了一种结合虚拟机技术和Windows操作系统自身所具有的调试功能来获取恶意代码行为的模块,该模块能够自动控制虚拟机运行监控程序来获取恶意代码的行为,并通过引入基于信息增益的特征权重算法来获得行为特征.
|
| 关 键 词: | 恶意代码 虚拟机 系统调用 静态分析 行为分析 |
Research and implementation of obtaining malicious code behavior |
| |
| CHEN Pei,GAO Wei.Research and implementation of obtaining malicious code behavior[J].journal of Computer Applications,2009,29(Z2). |
| |
| Authors: | CHEN Pei GAO Wei |
| |
| Abstract: | Based on the analysis and comparison of the malicious code static analysis and dynamic analysis methods, the authors designed and implemented a module through putting forward a combination of virtual machine technology and Windows operating system which had its own debugging function to obtain the behavior of malicious code, the module could automatically operate a virtual machine to run a monitoring program to obtain the behavior of malicious code, and got behavior feature by features weight algorithm based on information gain. |
| |
| Keywords: | malicious code virtual machine system call static analysis action analysis |
| 本文献已被 万方数据 等数据库收录! |
|
