مرکز منطقه ای اطلاع رساني علوم و فناوري - An identification method on unknown malicious code based on the good or Evil index of API

DocumentCode :

3034764

Title :

An identification method on unknown malicious code based on the good or Evil index of API

Author :

Zhu, Lijun

Author_Institution :

Coll. of Comput. Sci. & Technol., Shenyang Univ. of Chem. Technol., Shenyang, China

fYear :

2011

fDate :

26-28 July 2011

Firstpage :

5285

Lastpage :

5288

Abstract :

This paper puts forward a algorithm based on the good or evil index of API(AGEI) to identify unknown malicious code, it can judge whether the code is malicious or not by a judgement threshold based on the degree of good or evil related API which is catched when the code execute. The experiments result shows that the proposed identification method achieves a good effect on unknown malicious code detection.

Keywords :

application program interfaces; invasive software; API; identification method; unknown malicious code detection; Bayesian methods; Bismuth; Chemical technology; Indexes; Information technology; Malware; Sockets; dynamic behavior; judgement threshold; legal code; malicious code;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Multimedia Technology (ICMT), 2011 International Conference on

Conference_Location :

Hangzhou

Print_ISBN :

978-1-61284-771-9

Type :

conf

DOI :

10.1109/ICMT.2011.6002309

Filename :

6002309

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3034764