Computer Science ›› 2016, Vol. 43 ›› Issue (Z11): 342-345. doi: 10.11896/j.issn.1002-137X.2016.11A.079


Rapid Analysis Method of Malicious Code Based on Feature Threshold

QI Fa-zhi and SUN Zhi-hui   

  • Online:2018-12-01 Published:2018-12-01

Abstract: Malicious code today comes in many types, is harmful and highly complex, and requires a fast response. Existing malicious code analysis methods are poorly suited to rapid on-site analysis and disposal and to the needs of practical application. This paper therefore proposes a malicious code analysis method based on feature thresholds and sets out the detailed procedure for the rapid analysis and disposal of malicious code. The procedure comprises environmental analysis, file refinement, static analysis and dynamic analysis. By constructing the threshold determination and locating the function and family properties of the code, we provide a specific method for removing the malicious code. Practical application shows that the method combines the intention, function, structure and behavior of malicious code and enables security analysis of malicious code at the level of the disposal site. It provides important support for fast response to and disposal of malicious code in current network security.

Key words: Information security, Malicious code, Site disposal, Threshold analysis, Rapid disposal

