摘要
当今的病毒对检测软件具有更强的欺骗性,由于病毒技术不断地更新,为了应对病毒新技术的出现,反病毒研究人员必须不断地更新病毒检测算法。具有智能化的检测算法是一种流行的病毒检测算法,能对已知病毒和新病毒进行检测,所以病毒检测技术的智能化是将来发展的趋势。MMTD算法是一种具有中介思想的算法,该文中将中介真值程度度量的方法和相似性算法相互结合在一起提出了一种新的病毒检测算法,该算法思路是:首先通过恶意代码权值计算公式,对某些程序进行权值计算,从而判断该程序是恶意程序还是善意程序。如果是恶意程序,则将该恶意代码权值的大小与已知病毒权值进行匹配,然后再使用MMTD算法对匹配的结果进行衡量:是好还是不好。在权值匹配结果好的基础上,最后使用相似性算法对未知病毒进行属性上的判断。
today's virus on detection software is more deceptive, because of the virus technology constantly updated, in response tothe virus is the emergence of new technology, anti-virus researchers must constantly update virus detection algorithm. Intelligentdetection algorithm is a popular virus detection algorithm, which can detect viruses and new viruses, so the intelligence of virus de-tection technology is the trend of future development. MMTD algorithm is a kind of algorithm, with the mediation ideas in this arti-cle, the mediation degree of truth value measurement method and the similarity algorithm combining together a new virus detectionalgorithm is proposed, the algorithm idea is: first, the formula for computing the weights of malicious code, some programs forweight calculation, so as to determine whether the program is a malicious program or goodwill. If it is a malicious program, it match-es the value of the malicious code weight with the known virus weight, and then the MMTD algorithm to measure the matching re-sults: good or bad. Based on the results of weight matching, the method of similarity algorithm is used to determine the properties ofunknown virus.
作者
朱俚治
ZHU Li-zhi (Information Center of Nanjing University of Aeronautics and Astronautics, Nanjing 210016, China)
出处
《电脑知识与技术》
2018年第3期17-19,21,共4页
Computer Knowledge and Technology
