计算机工程 ›› 2010, Vol. 36 ›› Issue (3): 145-147.doi: 10.3969/j.issn.1000-3428.2010.03.048

• 安全技术 • 上一篇    下一篇

基于智能特征码的反病毒引擎设计

王海峰1,2

  

  1. (1. 临沂师范学院信息学院,临沂 276002;2. 上海理工大学管理学院,上海 200093)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2010-02-05 发布日期:2010-02-05

Design of Anti-virus Engine Based on Intelligent Characteristic Code

WANG Hai-feng1,2   

  1. (1. College of Information, Linyi Normal University, Linyi 276002;
    2. School of Management, University of Shanghai for Science and Technology, Shanghai 200093)
  • Received:1900-01-01 Revised:1900-01-01 Online:2010-02-05 Published:2010-02-05

摘要: 针对传统反病毒引擎的体系结构难于扩展的缺点,通过分析其数学模型,提出新的基于触发检测逻辑的反病毒引擎模型,实现相应的原型系统。利用增加特征码的语义来抽取固化的检测逻辑,提高反病毒引擎的可扩展性,增强对新病毒及病毒变种的检测能力。实验结果证明,该引擎可以检测出11种常见病毒的变种,具有较高的准确性。

关键词: 反病毒引擎, 特征码, 程序行为

Abstract: Aiming at the problem that traditional anti-virus engine architecture is difficult to expand, this paper presents a novel detection model based on trigger logic by analyzing the mathematical model of anti-virus engine, realizes the relative prototype system. The detection logic which embedded in the structure is separated from the new anti-virus engine by intelligent characteristic code to improve the capacity expansion and enhance the detection capacity. Experimental result shows that this engine is highly effective on recognition rate, it can detect eleven kinds of common virus variation.

Key words: anti-virus engine, characteristic code, program behavior

中图分类号: