| 一种恶意软件实时检测模型 |
| |
| 引用本文: | 凹建勋.一种恶意软件实时检测模型[J].信息安全与通信保密,2011,9(10):76-78. |
| |
| 作者姓名: | 凹建勋 |
| |
| 作者单位: | 中国人民解放军95973部队,云南昆明,650500 |
| |
| 摘 要: | 启发式扫描检测入侵行为未知的恶意软件,存在误报及漏报问题,且不能有效监控Rootkit。基于"通过监控某种恶意行为,实现对一类入侵方式未知的恶意软件的实时检测"的思想,提出了一种实时检测入侵行为未知恶意软件的Petri网模型,给出了性能测量及优化方法。通过在模型指导下建立的恶意软件实时检测系统中采集关键参数,完成了模型性能评价和调整。设计的系统可实时准确地检测具有特征行为的恶意软件。
|
| 关 键 词: | 恶意软件 实时检测 Petri网模型 |
A Malware Real-time Detection Model |
| |
| AO Jian-xun.A Malware Real-time Detection Model[J].China Information Security,2011,9(10):76-78. |
| |
| Authors: | AO Jian-xun |
| |
| Affiliation: | AO Jian-xun(APL Unit 95973,Kunming Yunnan 650500,China) |
| |
| Abstract: | Misreport or miss probability usually exists in the heuristic scanning for detection of unknown malware intrusions,and this could not effectively monitor the Rootkit.Based on idea "by monitoring some malicious behavior,to realize real-time detection of a class of malicious software with unknown intrusion way",a Petri net model for real-time intrusion detection of malware with unknown behavior is proposed,and the method for performance measurement and optimization also given.A malicious software real-time detection systemis established under the guidance of the model,and performance evaluation and adjustment of the model is done by collecting the key parameters in the system.The proposed real-time detection system could accurately detect the malware with characteristic behavior. |
| |
| Keywords: | malware real-time detection Petri net model |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
