
Zeroing transformation: a technique for eliminating virus polymorphism

Technology named zeroing transformation of eliminating polymorph of virus
Abstract: Polymorphic techniques for computer viruses have produced a large number of polymorphic viruses, and traditional virus detection systems perform unsatisfactorily at detecting them. To address this, a technique called zeroing transformation is proposed for eliminating virus polymorphism. It reverses the morphing transformations most commonly used by polymorphic techniques: junk (dead) code insertion, variable renaming, equivalent statement substitution (expression reshaping), the use of jump instructions (break and join transformations), and statement reordering. Experimental results show that the technique greatly reduces the number of polymorphic variants of a virus: the average number of transformed forms that a program statement may take falls from 10^43 before the transformation to 10^8, which achieves the goal of improving the performance of the virus detection system.
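Author: 秦晓倩 (Qin Xiaoqian)
Source: 《计算机工程与设计》 (Computer Engineering and Design), indexed in CSCD and the Peking University Core Journals list (北大核心), 2009, No. 4, pp. 893-896 (4 pages)
Funding: National Tenth Five-Year Plan "211 Project" Key Discipline Construction Fund (181070H901); Jiangsu Provincial Department of Science and Technology Fund (2005101SBRB231)
Keywords: virus detection; polymorphic virus; polymorph transformation; polymorph engine; zeroing transformation; string representation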