Malicious Code Detection Model based on Behavior Association
In this information age we”ve witnessed the rapid growth and expansion of the Intemet which integrates almost all services across all sectors However.this also comes along with various securitv risks towards these services as well as the intended users Malicious applications can be introduced in order to attack users and these services so as to gain financial rewards.individuals” sensitive information companies and govemment intellectual property and also gain remote control of the svstems Recently several methods have been proposed to facilitate malicious code detection:these include signature detection.behavior detection.virtual machine detection and heuristic detection Each of these methods however has their respective weaknesses which makes them not fullv reliable<br> In this paper.we analyze the existing technology of malicious code analysis and detection methods and propose a malicious code detection model based on behavior association We first extract the behavior points of malicious code through the API monitoring technology and integrate behavior points into behavior.and then we establish a relationship between behaviors according to data dependence Next we build up a behavior association model and put forward a discrimination method using pushdown automation Finally.we take the exact malicious code as a sample to carry out an experiment of behavior ”s capture.associahon and discrimination.thus proving that the theoretical modelis viahle.
malicious code behavior monitor behavior association pushdown automation
国内会议
湖北恩施
英文
1-9
2014-09-13(万方平台首次上网日期,不代表论文的发表时间)