Full-Text Search:
Home|Journal Papers|About CNKI|User Service|FAQ|Contact Us|中文
《Application Research of Computers》 2008-03
Add to Favorite Get Latest Update

Analysis of malicious code variants based on structural fingerprints

WEI Qiang,JIN Ran,WANG Qing-xian(Information Engineering College,PLA Information Engineering University,Zhengzhou 450002,China)  
This paper presented a new static analysis model based on structural fingerprints to help reversing engineers analysing malicious code and its variant.Using structural fingerprints extracted from malicious code and its variant,this model carried on isomorphism of call graph and control flow graph to find changed functions and basic blocks,which gave enough information for the reversing engineers quickly locating the difference between the two files to do advanced research.Since using structural character and prime product,the model would not be confused by common methods of code obfuscation and could identify that some polymorphic codes were equivalent.
【Fund】: 国家“863”计划资助项目(2003AA146010)
【CateGory Index】: TP391.7
Download(CAJ format) Download(PDF format)
CAJViewer7.0 supports all the CNKI file formats; AdobeReader only supports the PDF format.
【References】
Chinese Journal Full-text Database 1 Hits
1 Miao Deyu,Kang Xuebin,Xiao Xinguang(Beijing Antiy Electronic Equipment Co.,Ltd.,Beijing 100084,China);Analysis and Forensics of Malware in Suspicious Computer Based on Four Class Trust Model[J];Telecommunications Science;2011-01
【Co-references】
Chinese Journal Full-text Database 1 Hits
1 Xu Rongsheng Wu Haiyan Liu Baoxu(Computing Center,Institute of High Energy Physics,CAS,Beijing100039);Computer Forensics Introduction[J];Computer Engineering and Applications;2001-21
©2006 Tsinghua Tongfang Knowledge Network Technology Co., Ltd.(Beijing)(TTKN) All rights reserved