Abstract: Traditional Trojan detection methods have a high false-negative rate. To address this, a Trojan detection system based on weighting of dynamic and static characteristics is designed and implemented, combining the dynamic and static characteristics of Trojans. The working mechanism of Trojans is studied and a custom Trojan characteristic library is built. The detection approach and the working logic of the system are introduced, the extraction process for Trojan characteristics is analyzed, and a weight assignment method for the characteristics is given. Experimental results show that the system achieves high detection accuracy.
Key words:
Trojan characteristic,
dynamic detection,
static detection,
weighting algorithm
ZHONG Meng-Quan (钟明全), LI Huan-Zhou (李焕洲), TANG Zhang-Guo (唐彰国), ZHANG Jian (张健). Trojan Detection System Based on Weighting of Dynamic and Static Characteristics[J]. Computer Engineering (计算机工程), 2012, 38(2): 153-155.