摘要
恶意软件的定义是多年来安全领域的研究重点.恶意软件包括病毒、蠕虫和木马.目前仅有病毒的形式化定义,蠕虫、木马没有公认的形式化定义.按照传统病毒的定义,不存在准确识别病毒的算法.文中提出代码是否为病毒是相对于用户而言的,给用户带来损害的代码才是病毒.据此观点,文中以用户意愿为标准,将病毒区分为显式病毒、隐式病毒,并给出了显式病毒的形式化定义和识别算法.理论分析表明,传统病毒以及大部分木马、蠕虫均属于显式病毒,实际案例分析也证实了这一点.
The definition of malicious software is a hot in security domain.Malicious software includes virus,worm and Trojan horse.There is now only formal definition of virus,and no widely accepted formal definitions of worm and Trojan horse.According to definition of traditional virus,there is no algorithm to identify virus definitely.This paper proposes that whether a program code is virus is relative to user,and only those bringing damage to user are viruses.The paper distinguishes viruses to explicit virus and hidden virus based on user's intention,and presents a formal definition of explicit virus and its identifying algorithm.Both theoretical analysis and actual cases study indicates that traditional virus,most of worm,and Trojan horse are explicit viruses.
出处
《计算机学报》
EI
CSCD
北大核心
2010年第3期562-568,共7页
Chinese Journal of Computers
基金
国家"八六三"高技术研究发展计划项目基金(2009AA01Z428)资助~~
关键词
病毒
蠕虫
木马
用户意愿
显式病毒
隐式病毒
virus
worm
Trojan horse
user's intention
explicit virus
hidden virus