本文已被:浏览 1546次 下载 1899次
Received:May 08, 2018 Revised:June 04, 2018
Received:May 08, 2018 Revised:June 04, 2018
中文摘要: 反虚拟化是当前影响恶意代码动态分析系统全面获取样本行为数据的重要因素.本文提出从恶意代码动态分析环境的主机环境,网络环境和用户交互环境进行系统的反虚拟化对抗方法,并将反虚拟化对抗实现在已有的动态分析系统上,实验结果表明反虚拟化对抗有效的增强了动态分析系统获取样本行为数据的能力.
Abstract:Anti-virtualization is currently an important factor affecting the overall acquisition of sample behaviour data by a dynamic analysis system of malicious code. This study proposes a systematic anti-virtualization confrontation method from host environment, network environment, and user interaction environment of dynamic analysis environment of malicious code, and implements the anti-virtualization confrontation in the existing dynamic analysis system. Experimental results show that the anti-virtualization confrontation effectively enhances the dynamic analysis system's ability to capture sample behavior data.
文章编号: 中图分类号: 文献标志码:
基金项目:国家自然科学基金(61502468,U1736209);“十三五”全军共用信息系统装备预研基金(6140134040216ZK65002)
引用文本:
莫建平,应凌云,苏璞睿,王嘉捷.恶意代码动态分析中的反虚拟化问题研究.计算机系统应用,2018,27(12):1-8
MO Jian-Ping,YING Ling-Yun,SU Pu-Rui,WANG Jia-Jie.Anti-Virtualization in Dynamic Analysis of Malicious Code.COMPUTER SYSTEMS APPLICATIONS,2018,27(12):1-8
莫建平,应凌云,苏璞睿,王嘉捷.恶意代码动态分析中的反虚拟化问题研究.计算机系统应用,2018,27(12):1-8
MO Jian-Ping,YING Ling-Yun,SU Pu-Rui,WANG Jia-Jie.Anti-Virtualization in Dynamic Analysis of Malicious Code.COMPUTER SYSTEMS APPLICATIONS,2018,27(12):1-8
