| 基于行为特征的BIOS Rootkit检测 |
| |
| 引用本文: | 郭致昌,张平,庞建民,郭浩然,崔晨.基于行为特征的BIOS Rootkit检测[J].计算机工程,2011,37(2):251-252. |
| |
| 作者姓名: | 郭致昌 张平 庞建民 郭浩然 崔晨 |
| |
| 作者单位: | 解放军信息工程大学信息工程学院,郑州,450002 |
| |
| 基金项目: | 国家“863”计划基金资助项目(2009AA01Z434); 河南省重大科技攻关计划基金资助项目(092101210501) |
| |
| 摘 要: | 针对BIOS Rootkit难以检测的问题,提出一种基于行为特征的BIOS Rootkit的检测方法.该方法通过研究BIOS Rootkit工作原理和实现技术,对BIOS Rootkit的行为特征进行归纳、定义和形式化描述,在反编译的过程中提取行为,根据提取的行为构成BIOS Rootkit的完整程度进行恶意性判定.实...
|
| 关 键 词: | BIOS安全 逆向工程 恶意代码 |
BIOS Rootkit Detection Based on Behavior Characteristics |
| |
| GUO Zhi-chang,ZHANG Ping,PANG Jian-min,GUO Hao-ran,CUI Chen.BIOS Rootkit Detection Based on Behavior Characteristics[J].Computer Engineering,2011,37(2):251-252. |
| |
| Authors: | GUO Zhi-chang ZHANG Ping PANG Jian-min GUO Hao-ran CUI Chen |
| |
| Affiliation: | GUO Zhi-chang,ZHANG Ping,PANG Jian-min,GUO Hao-ran,CUI Chen(Institute of Information Engineering,PLA Information Engineering University,Zhengzhou 450002,China) |
| |
| Abstract: | BIOS Rootkit is difficult to detect.Aiming at the problem,this paper proposes a behavior characteristics-based BIOS Rootkits detection method.By studying the BIOS Rootkits' principles and key technologies,this method generalizes,defines and formally describes the behavior characteristics of BIOS Rootkit.Behaviors information is got in decompile phases,and the malicious level is judged according to the rate of a complete BIOS Rootkit formed by those behaviors.Experimental results prove that the method is eff... |
| |
| Keywords: | BIOS security reverse engineering malware |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
|
