摘要
恶意代码的深层隐藏和检测技术已经成为当前计算机安全技术的一个研究热点。多态变形技术是一种新型隐藏技术,它使得传统的基于特征码的检测技术相对滞后,论文详细阐述了恶意代码变种生成技术,主要包括加密技术、多态技术、变形技术。深入研究了m序列的随机性和状态遍历特性,提出的基于m序列的多态方法,能够有效提高恶意代码多态的效率和随机性。
The deep hiding and detecting technology of malicious code has already become one of the research hotspots in computer security. And the technology of polymorphism and metamorphism is a new hiding technology. The application of polymorphism and metamorphism also makes the sequence codebased detection lag behind. This thesis elaborates the technology of creating malicious code mutation, including encryption, polymorphism and metamorphism. The randomicity and all condition reached characteristics of m sequence are analyzed. Then the polymorphism based on m sequence is proposed, which can improve the efficiency and randomicity of malicious code polymorphism.
出处
《计算机与数字工程》
2008年第10期149-153,共5页
Computer & Digital Engineering
关键词
恶意代码
加密
多态
变形
M序列
malicious code, encrypt, polymorphism,metamorphism, m sequence