Title :
Semantic detection of malicious code based on the normalized system call
Author :
Liu, Zilong ; Li, Yichao ; Yichao Li ; Shao, Changgeng
Author_Institution :
Res. Inst. of Electron. Sci. & Technol., Univ. of Electron. Sci. & Technol. of China, Chengdu, China
Abstract :
This paper presents a new method for semantic detection of malicious code based on the normalized system call. The method obtains a perfect malicious code system sequence and related parameters through the control of a virtual environment, and then normalizes the called sequence again. In order to effectively determine the malicious code, we establish a highly efficient database of abstract behavior vectors of malicious code. Experimental verification on a large number of malicious codes shows that, compared with existing methods, the method describes malicious code attacks based on system calls more accurately and is effective in identifying unknown malicious code.
Keywords :
database management systems; formal verification; invasive software; abstract behavior vector database; malicious code attacks; malicious code method; malicious code system sequence; malicious codes experimental verification; normalized system call; semantic detection; virtual environment; Analytical models; Computers; Malware; Privacy; Semantics; XML; behavior detection; malicious code; normalization; semantic cognitive; system call;
Conference_Title :
Computer Science and Service System (CSSS), 2011 International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4244-9762-1
DOI :
10.1109/CSSS.2011.5974526