摘要
空白跳转免杀病毒对网络安全已经构成了严重的威胁,对于这种新型病毒的特殊的修改内存特征码方式,文章详细分析其修改过程,进行了同名空白区段间内存特征码对比思路探讨,并提出了相应的检测方法。实验结果表明,本方法在识别此类修改型病毒上具有较高的准确性。
The Jump-blank virus has posed a serious threat to network security. For the new virus signature memory amending in a special way, this paper makes a detailed analysis of the amending process and investigates a method of contrasting the inter-memory signatures in blank sections with the same name. Then the corresponding detection method is put forward. The experimental results show that the presented method is of high accuracy in recognition of such changes in the virus.
出处
《合肥工业大学学报(自然科学版)》
CAS
CSCD
北大核心
2009年第12期1867-1870,共4页
Journal of Hefei University of Technology:Natural Science