| 一种面向软件行为可信性的入侵检测方法 |
| |
| 引用本文: | 王新志,孙乐昌,陆余良,张曼.一种面向软件行为可信性的入侵检测方法[J].中国科学技术大学学报,2011,41(7). |
| |
| 作者姓名: | 王新志 孙乐昌 陆余良 张曼 |
| |
| 作者单位: | 电子工程学院,安徽合肥,230037 |
| |
| 基金项目: | 国家自然科学基金(60972161)资助 |
| |
| 摘 要: | 针对现有入侵检测方法的问题,面向软件行为可信需求,提出了一种新的静态检测方法.首先讨论并给出了软件行为可信性的定义和形式化描述,并以指令序列形式进行表示;然后,提出了检测方法和流程,通过数据挖掘方法对恶意软件和正常软件进行行为知识发现,利用发现的行为知识对未知软件进行行为可信性判定;最后,对方法进行了实现,对一些行为模式使用选定的样本进行了实验验证.实验结果表明,该方法能够依据软件行为可信策略检测未知软件中的恶意行为,检测成功率高.
|
| 关 键 词: | 行为可信性 入侵检测 软件行为 序列模式发现 静态检测 |
Intrusion detection approach towards software behavior trustworthiness |
| |
| WANG Xinzhi,SUN Lechang,LU Yuliang,ZHANG Min.Intrusion detection approach towards software behavior trustworthiness[J].Journal of University of Science and Technology of China,2011,41(7). |
| |
| Authors: | WANG Xinzhi SUN Lechang LU Yuliang ZHANG Min |
| |
| Institution: | WANG Xinzhi,SUN Lechang,LU Yuliang,ZHANG Min (Electronic Engineering Institute,Hefei 230037,China) |
| |
| Abstract: | According to the problems of current intrusion detection methods,a new static detection approach towards software behavior trustworthiness was presented.Firstly,software behavior trustworthiness was discussed and defined formally,and was then described with instruction sequences.Secondly,a detection approach and its process were presented.Malicious behavior knowledge obtained through data mining on malware was organized as trustworthiness policy and used to detect and judge unknown software.Thirdly,the appr... |
| |
| Keywords: | software trustworthiness intrusion detection software behavior sequential pattern discovery static detection |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
