Author: LU Tao (陆涛) [1] (College of Information Engineering, Nanning University, Nanning 530200, China)
Source: Modern Electronics Technique (《现代电子技术》), 2017, No. 3, pp. 85-88 (4 pages)
Funding: 2015 Guangxi Higher Education Science and Technology Research Project (KY2015YB533): Multi-channel agricultural production information push platform based on new media technology, serving agricultural production in Yongning District
Abstract: Malicious programs have simple intrusion methods, many ways of hiding, and a fast update speed, while traditional malicious program detection algorithms have a high false alarm rate and poor ability to track malicious program updates. For this reason, a malicious program detection algorithm based on probability theory and linear superposition was designed. The algorithm is composed of a behavior feature extraction module, a behavior feature detection module, and a malicious program output module. The behavior feature extraction module extracts the behavior features of programs in the network under test, and the behavior feature detection module dynamically detects the concrete behaviors and hidden behaviors among them and produces a program malicious degree file. The malicious program output module takes the program malicious degree file as its input and, according to the designed linear superposition function and depth detection flow chart, detects the malicious programs and outputs them. The experimental results show that the designed algorithm has a low false alarm rate and a strong ability to track malicious program updates.
Classification: TN915.08.34 [Electronics and Telecommunications: Communication and Information Systems]; TP309.5 [Electronics and Telecommunications: Information and Communication Engineering]