[1] |
BAYER U , MOSER A , KRUEGEL C ,et al. Dynamic analysis of malicious code[J]. Journal in Computer Virology, 2006,2(1): 66-77.
|
[2] |
BAYER U , HABIBI I , BALZAROTTI D ,et al. A view on current malware behaviors[A]. Proceedings of the 2nd Usenix Workshop on Large-Scale Exploits and Emergent Threats (LEET'09)[C]. Boston,MA, 2009.
|
[3] |
诸葛建伟, 韩心慧, 叶志远 ,等. 僵尸网络的发现与跟踪[A]. 全国网络与信息安全技术研讨会[C]. 2005. 183-189. ZHUGE J W , HAN X H , YE Z Y ,et al. Discover and track Botnets[A]. NetSec2004[C]. 2005. 183-189.
|
[4] |
NIVARGI V , BHAOWAL M , LEE T . Machine learning based botnet detection[EB/OL]. .
|
[5] |
KONDO S , SATO N . Botnet traffic detection techniques by C&C session classification using SVM[A]. Proc of the 2nd International Workshop on Security[C]. Berlin: Springer, 2007. 91-104.
|
[6] |
KUGISAKI Y , KASAHARA Y , HORI Y . Bot detection based on traffic analysis[A]. Proc of 2007 International Conference on Intelligent Pervasive Computing (IPC2007)[C]. Washington,DC, 2007. 303-306.
|
[7] |
LEE J S , JEONG H C , PARK J H ,et al. The activity analysis of malicious http-based botnets using degree of periodic repeatability[A]. Proc of 2008 International Conference on Security Technology (SecTech2008)[C]. Washington,DC, 2008. 83-86.
|
[8] |
王威, 方滨兴, 崔翔 . 基于终端行为特征的IRC僵尸网络检测[J]. 计算机学报, 2009,32(10): 1980-1988. WANG W , FANG B X , CUI X . IRC Botnet detection based on host behavior[J]. Chinese Journal of Computers, 2009,32(10): 1980-1988.
|
[9] |
GU G , PORRAS P , YEGNESWARAN V . BotHunter:detecting malware infection through ida-driven dialog correlation[A]. Proc of the 16th USENIX Security Symp(Security 2007)[C]. 2007.
|
[10] |
GU G , ZHANG J , LEE W . BotSniffer:detecting Bomet command and control channels in network traffic[A]. Proc of the 15th Annual Network and Distribut System Security Symp(NDSS’08)[C]. SanDiego,CA, 2008. 209-221.
|
[11] |
RAMACHANDRAN A , FEAMSTER N , DAGON D . Revealing Botnet membership using DNSBL counter-intelligence[A]. Proc of the Conference on Botnet Detection:Countering the Largest Security Threat[C]. Berlin: Springer, 2008. 131-142.
|
[12] |
TU H , LI Z T , LIU B . Detecting botnets by analyzing DNS traffic[A]. Proc of the Pacific Asia Workshop on Intelligence and Security Informatics[C]. Berlin: Springer, 2007. 323-324.
|
[13] |
VILLAMARIN-SALOMON R , BRUSTOLONI J C . Identifying botnets using anomaly detection techniques applied to DNS traffic[A]. Proc of the 5th IEEE Consumer Communications and Networking Conference[C]. Washington,DC, 2008. 476-481.
|
[14] |
CHOI H , LEE H . Botnet detection by monitoring group activities in DNS traffic[A]. Proc of the 7th IEEE International Conference on Computer and Information Technology[C]. Washington,DC, 2007. 715-720.
|
[15] |
[EB/OL].
|
[16] |
HUANG H D , LEE C S , KAO H Y ,et al. Malware behavioral analysis system:TWMAN[A]. Intelligent Agent (IA),2011 IEEE Symposium on[C]. 2011. 11-15.
|
[17] |
SONG D , BRUMLEY D , YIN H ,et al. Bitblaze:a new approach to computer security via binary analysis[A]. Proceedings of the 4th International Conference on Information Systems Security (ICISS'08,keynote invited paper)[C]. Hyderabad,India, 2008.
|
[18] |
BELLARD F . A fast and portable dynamic translator[A]. Proceedings of USENIX Annual Technical Conference[C]. USA, 2005. 41-46.
|
[19] |
QEMU:the open source processor emulator[EB/OL]. .
|
[20] |
YIN H , SONG D , EGELE M ,et al. Panorama:capturing systemwide information flow for malware detection and analysis[A]. Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS'07)[C]. New York,NY,USA, 2007. 116-127.
|
[21] |
AMIT V . Wildcat:an Integrated Stealth Environment for Dynamic Malware Analysis[D]. University of Texas, 2007.
|
[22] |
DINABURG A , ROYAL P , SHARIF M ,et al. Ether:malware analysis via hardware virtualization extensions[A]. Proceedings of the ACM Conference on Computer and Communications Security (CCS'08)[C]. Alexandria,Virginia,USA, 2008. 27-31.
|
[23] |
WILLEM S, , CARSTEN H , THORSTE N ,et al. Toward automated dynamic malware analysis using cwsandbox[A]. Proceedings of the IEEE Symposium on Security and Privacy (SSP'07)[C]. 2007.
|