基于特征行为分析的木马病毒检测技术的研究 *

doi:10.3969/j.issn.1000-0801.2014.11.018

Abstract

Abstract:

Trojans inject systems and launch various attacks, such as eavesdropping secret information, tampering with system configuration etc., which threats to system security seriously. A novel anti-Trojan malware mechanism based on characteristic behavior and cosine similarity was proposed. Firstly, according to the initial rules base and application behavior, the mechanism regularized the operations of application, and then, the mechanism invoked rules to judges suspicious behaviors based on current rules base and operational impact. Once the application was considered as Trojan malware, the system would dispatch the appropriate algorithm for processing. The mechanism triggered by sensitive behaviors, and had the active prevention function and self-learning function. The analysis and experiment show the solution can detect Trojan malware effectively.

Key words: Trojan malware, behavior detection, regularization, security

Weifu Zou,Yiying Zhang,Suxiang Zhang,Chengyue Yang. Research on Anti-Trojan Malware Mechanism Based on Characteristic Behavior[J]. Telecommunications Science, 2014, 30(11): 105-109.

Figures/Tables 5

References 11

1	国家计算机病毒应急处理中心. 第十二次全国信息网络安全状况与计算机及移动终端病毒疫情调查分析报告. , 2013
2	韩宇, 申永军 . 特洛伊木马隐藏技术分析．微计算机信息, 2012,28(1): 128～129
3	蔺聪, 黑霞丽 . 木马的植入与隐藏技术分析．信息安全与通信保密, 2008(7): 53～55
4	张复生 . 基于广谱通信行为分析的木马检测技术研究．重庆邮电大学硕士学位论文, 2011
5	Liu D . Analysis on hiding technologies of Trojan hors． China Science and Technology Information, 2010,1(1): 112～113
6	付文, 魏博, 赵荣彩 . 基于模糊推理的程序恶意性分析模型研究．通信学报, 2010,31(1): 44～50
7	李家骥 . 计算机木马攻击与检测技术研究及实现．电子科技大学硕士学位论文, 2011
8	李鹏, 王汝传 . 基于自相似特性的恶意代码动态分析技术．南京邮电大学学报 (自然科学版), 2012,32(3): 86～90
9	邢云冬, 刘胜利 . 木马网络通信特征提取模型的设计与实现．计算机工程与设计, 2010,31(20): 4382～4384,4446
10	程文聪 . 面向大规模网络安全态势分析的时序数据挖掘关键技术研究．国防科学技术大学博士学位论文, 2010
11	何鸿君, 罗莉, 董黎明等. 广义病毒的形式化定义及识别算法．计算机学报, 2010,33(3): 562～568

Metrics

Recommended 0

No Suggested Reading articles found!

序号	病毒名称
1	Troj_Generic及变种
2	“代理木马”（Troj_Agent）及变种
3	“木马下载器”（Troj_Downloader）及变种
4	Backdoor_Rbot及变种
5	Kido及变种
6	Troj_Startpage及变种
7	“QQ盗号木马”（Troj_QQPsw）及变种
8	Win32_AdWare.Undef及变种
9	“新鬼影”病毒及变种
10	Download_Patched及变种

[1]	Shengli ZHOU, Keyi JIANG, Bo XU, Rui XU, Xikang ZHANG, Quanzhe ZHAO, Yangdong XU. Research on the effectiveness evaluation of cyber security curriculum construction for combating telecom network fraud [J]. Telecommunications Science, 2023, 39(6): 122-128.
[2]	Yong ZHANG, Jikui LIU, Wenlong KE. EEG emotion recognition based on parallel separable convolution and label smoothing regularization [J]. Telecommunications Science, 2023, 39(5): 116-128.
[3]	Le ZHANG, Hongyuan MA. Practice on edge cloud security of telecom operators [J]. Telecommunications Science, 2023, 39(4): 165-172.
[4]	Fuyuan CHEN, Zhenjiang DONG, Jiankuo DONG, Minjie XU. A survey of V2X security protection technologies [J]. Telecommunications Science, 2023, 39(3): 1-15.
[5]	Jingjie SHEN, Guangqiu LI, Yancui LUO, Huizhi LIU. Physical layer security of full-duplex relay-assisted D2D networks under outdated CSI [J]. Telecommunications Science, 2023, 39(3): 89-99.
[6]	Yu KANG, Yaqiong LIU, Tongyu ZHAO, Guochu SHOU. A survey on AI algorithms applied in communication and computation in Internet of vehicles [J]. Telecommunications Science, 2023, 39(1): 1-19.
[7]	Jianwu ZHANG, Yanjun AN, Huangyan DENG. A survey on DNS attack detection and security protection [J]. Telecommunications Science, 2022, 38(9): 1-17.
[8]	Yusun FU, Jinhui TANG. A survey on 5G capabilities enabling the factories of the future [J]. Telecommunications Science, 2022, 38(9): 18-35.
[9]	Yifan DING, Guangqiu LI, Hui LI. Physical layer security of NOMA-D2D cooperative wireless system [J]. Telecommunications Science, 2022, 38(9): 83-94.
[10]	Weixiong CHEN, Xiaochen YANG, Zengjun CHUN, Ruolan LI, Hua ZHANG. Research and practice of network security threat intelligence management system for power enterprise [J]. Telecommunications Science, 2022, 38(7): 184-189.
[11]	Hongbin LUO, Shan ZHANG, Zhiyuan WANG. Interconnection and coexistence of heterogeneous network:requirements, challenges, and architecture [J]. Telecommunications Science, 2022, 38(6): 18-30.
[12]	Yan GAO, Jian SHI, Shengyu MA, Bolin MA, Guangxue YUE. DropBlock based bimodal hybrid neural network for wireless communication modulation recognition [J]. Telecommunications Science, 2022, 38(5): 75-86.
[13]	Yifan DING, Guangqiu LI, Hui LI. Physical layer security for SWIPT-NOMA system in presence of randomly located eavesdroppers [J]. Telecommunications Science, 2022, 38(3): 133-142.
[14]	Shimulin XIE, Ijie BA, Xiang ZHANG, Zeyi TANG, Weifan NIAN, Xujie LIU. Task security scheduling method for 5G+MEC based grid edge computing platform [J]. Telecommunications Science, 2022, 38(12): 78-85.
[15]	Yatian LIU, Bowen HU, Maofei CHEN, Dongxin LIU. Study on the 5GC security situational awareness system [J]. Telecommunications Science, 2022, 38(11): 73-85.

Research on Anti-Trojan Malware Mechanism Based on Characteristic Behavior

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 5

References 11

Related Articles 15

Metrics

Recommended 0