«上一篇/Previous Article|本期目录/Table of Contents|下一篇/Next Article»

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:

24

期数:

2014年04期

页码:

143-146

栏目:

安全与防范

出版日期:

2014-04-30

文章信息/Info

Title:

Design and Implementation of One Malicious Program Simulation System Based on Stratification Weights

文章编号:

1673-629X（2014）04-0143-04

作者:

江雪; 朱永强

电子科技大学 示范性软件学院

Author(s):

JIANG Xue; ZHU Yong-qiang

关键词:

动态启发式; 恶意程序; VMWare; 行为仿真; 概率分层赋值

Keywords:

dynamic heuristic; malicious programs; VMware; behavioral simulation; stratified probability assignment

分类号:

TP309

文献标志码:

A

摘要:

动态启发式中对恶意程序的仿真主要通过沙盒技术来模拟实现。沙盒技术由于其本身仿真能力的局限性，其并不能完全准确地仿真真机环境与指令。针对沙盒的仿真能力的缺陷与不足，结合实际工程应用环境，设计了一套使用专用服务器搭配VMware虚拟机作为仿真环境的恶意程序仿真系统，并根据动态启发式的判断机制，提出了一种基于行为概率分层的权值赋值算法。通过实验，证明了该系统可以有效查杀各类新型与变种恶意程序以及权值赋值算法的有效性。

Abstract:

For simulating malicious programs,the sandbox is the regular tool which the dynamic heuristic often uses. Sandbox technology cannot completely and accurately simulate the real PC environments and instruction. Aiming at the limitations of sandbox's simulation ca-pabilities,combined with the actual application environment,design a simulation system based on VMware virtual machine which is used in malicious programs simulating,and propose a weights assignment algorithm based on hierarchical behavior in probabilistic. The experi-ments prove that this system can effectively kill many kinds of new and variants of malicious programs,and the weights assignment algo-rithm is feasible.

常用功能

更新日期/Last Update: 1900-01-01