A Static Reverse Analysis Method for Python Software


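Author: ZHANG Yifei (张翼飞) (Key Laboratory of Communications for National Defense, Shijiazhuang 050011, China)

Affiliation: [1] Key Laboratory of Communications for National Defense, Shijiazhuang, Hebei 050011

Source: Computer & Network (《计算机与网络》), 2023, No. 12, pp. 54-56 (3 pages)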

Abstract: With the development of programming languages, malware has become increasingly prevalent, including Trojan horses, shells, backdoors, and phishing programs. It looks almost identical to normal software, which makes it difficult for ordinary users to distinguish, and installing malware by mistake can have serious consequences. At the same time, security practitioners need to analyze the underlying logic and source code of malware in order to study how to defend against it. Mature reverse analysis methods exist for software written in Java and C++, but not yet for software developed in Python. Therefore, a static reverse analysis method for Python software is proposed. By parsing the software's source code, it helps ordinary users avoid mistakenly using malware and helps researchers understand malware more thoroughly. The packaging principle of Python software is briefly introduced, the workflow of the reverse analysis method is explained in detail, the whole process of packaging and reverse analysis is verified experimentally on an example program, and the application scenarios and shortcomings of the method are summarized.

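Keywords: Python; malware; reverse analysis; static analysis; decompilation; disassembly

Classification: TP314 [Automation and Computer Technology - Computer Software and Theory]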

 
