| 基于行为特征库的木马检测模型设计 |
| |
| 引用本文: | 李焕洲,陈婧婧,钟明全,唐彰国.基于行为特征库的木马检测模型设计[J].四川师范大学学报(自然科学版),2011,34(1):123-127. |
| |
| 作者姓名: | 李焕洲 陈婧婧 钟明全 唐彰国 |
| |
| 作者单位: | 1. 四川师范大学网络与通信技术研究所,四川,成都,610101
2. 四川师范大学网络与通信技术研究所,四川,成都,610101;四川师范大学计算机科学学院,四川,成都,610101 |
| |
| 基金项目: | 四川省应用基础研究项目(07JY029-011); 四川省教育厅自然科学重点基金(08ZA043)资助项目 |
| |
| 摘 要: | 目前木马检测的主流技术主要是特征码检测技术,而该技术提取特征码滞后,无法检测未知新型木马.为了更好的检测新型木马,详细归纳总结木马的行为特征,同时在此基础上提取木马通适性行为特征,构建木马行为特征库,设计了基于行为特征库的木马检测模型,并应用模糊模式识别方法判断木马程序.通过实验证明此模型可以对可疑程序的行为特征进行分析判断,较准确地识别木马程序.该检测模型是对基于特征码检测技术的强有力补充,在新型木马不断涌现的今天,基于木马行为特征检测技术具有重要的应用意义.
|
| 关 键 词: | 木马 行为特征 模糊模式识别 |
Design of Trojan Horse Detection Model Based on the Behavioral Library |
| |
| LI Huan-zhou,CHEN Jing-jing,ZHONG Ming-quan,TANG Zhang-guo.Design of Trojan Horse Detection Model Based on the Behavioral Library[J].Journal of Sichuan Normal University(Natural Science),2011,34(1):123-127. |
| |
| Authors: | LI Huan-zhou CHEN Jing-jing ZHONG Ming-quan TANG Zhang-guo |
| |
| Institution: | LI Huan-zhou1,CHEN Jing-jing1,2,ZHONG Ming-quan1,TANG Zhang-guo1(1.Research Institute of Network and Communication Technology,Sichuan Normal University,Chengdu 610101,Sichuan,2.College of Computer Science,Sichuan) |
| |
| Abstract: | At present,the mainstream technology of Trojan horse detection is the characteristic code detection technology,but this technology lags behind extracting characteristic code,it can not detect the new Trojans.In order to detect the new Trojans better,by summing up the Trojan behavioral characteristics in detail,and constructing the library of Trojan behavioral characteristics,the Trojan detection model which based on the behavioral library has been designed.It can judge Trojan making use of fuzzy pattern rec... |
| |
| Keywords: | trojan horse behavioral characteristics fuzzy pattern recognition |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
