Malicious Behavior Describe and Analysis Using Fuzzy Logic
With the rapid growth in popularity of the Internet, the amount of malware has increased sharply. Many virus analysis techniques assume that the binary code of a piece of malware is available, which, however, is not always useful. We propose a fuzzy logic-based method for describing and analyzing program behavior. The behavior of malicious code is identified at the assembly layer and the API layer by decompiling the binary file. To analyze malicious behaviors, we calculate the weighted similarity between an unknown program and malicious behavior patterns. The experimental results demonstrate that the fuzzy logic-based behavior description and analysis is efficient in detecting unknown malicious actions.
malicious behavior; fuzzy logic; similarity
Zhang Yichi, Pang Jianmin, Guo Haoran
National Digital Switching System Engineering & Technology Research Center, Zhengzhou, China
International conference
Haikou
English
84-88
2011-07-15 (date first made available online on the Wanfang platform; does not represent the paper's publication date)