P. Deng, Jau-Hwang Wang, Wen-Gong Shieh, Chin-Pin Yen, C. Tung
{"title":"智能自动恶意代码签名提取","authors":"P. Deng, Jau-Hwang Wang, Wen-Gong Shieh, Chin-Pin Yen, C. Tung","doi":"10.1109/CCST.2003.1297626","DOIUrl":null,"url":null,"abstract":"The computer malicious executable code has been with us for a quite long time. Since computer hardware and Internet is growing so fast today, security threats of malicious executable code are getting more serious. Basically, malicious executable codes are categorized into three kinds. The first is called virus, which always infect other benign programs. The second is called Trojan which always masquerade its malicious executable code inside a usefully utility or freeware program. And the last but not the least is called worm that replicate and distribute itself automatically around the network. According to the literature survey [R.A. Grimes (2001)], current antivirus products cannot detect all the malicious codes, especially for those unseen, polymorphism malicious executable codes. Moreover, there are many virus program generators and mutation engines available on public Web sites that can be downloaded freely make a lot of unseen, polymorphism, and harmful executable malicious code. So how to extract virus signatures efficiently and effectively automatically instead of manually for an antivirus scanner system is quite important and also is the major purpose of this research.","PeriodicalId":344868,"journal":{"name":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","volume":"56 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Intelligent automatic malicious code signatures extraction\",\"authors\":\"P. Deng, Jau-Hwang Wang, Wen-Gong Shieh, Chin-Pin Yen, C. Tung\",\"doi\":\"10.1109/CCST.2003.1297626\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The computer malicious executable code has been with us for a quite long time. Since computer hardware and Internet is growing so fast today, security threats of malicious executable code are getting more serious. Basically, malicious executable codes are categorized into three kinds. The first is called virus, which always infect other benign programs. The second is called Trojan which always masquerade its malicious executable code inside a usefully utility or freeware program. And the last but not the least is called worm that replicate and distribute itself automatically around the network. According to the literature survey [R.A. Grimes (2001)], current antivirus products cannot detect all the malicious codes, especially for those unseen, polymorphism malicious executable codes. Moreover, there are many virus program generators and mutation engines available on public Web sites that can be downloaded freely make a lot of unseen, polymorphism, and harmful executable malicious code. So how to extract virus signatures efficiently and effectively automatically instead of manually for an antivirus scanner system is quite important and also is the major purpose of this research.\",\"PeriodicalId\":344868,\"journal\":{\"name\":\"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.\",\"volume\":\"56 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-10-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCST.2003.1297626\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE 37th Annual 2003 International Carnahan Conference onSecurity Technology, 2003. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCST.2003.1297626","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The computer malicious executable code has been with us for a quite long time. Since computer hardware and Internet is growing so fast today, security threats of malicious executable code are getting more serious. Basically, malicious executable codes are categorized into three kinds. The first is called virus, which always infect other benign programs. The second is called Trojan which always masquerade its malicious executable code inside a usefully utility or freeware program. And the last but not the least is called worm that replicate and distribute itself automatically around the network. According to the literature survey [R.A. Grimes (2001)], current antivirus products cannot detect all the malicious codes, especially for those unseen, polymorphism malicious executable codes. Moreover, there are many virus program generators and mutation engines available on public Web sites that can be downloaded freely make a lot of unseen, polymorphism, and harmful executable malicious code. So how to extract virus signatures efficiently and effectively automatically instead of manually for an antivirus scanner system is quite important and also is the major purpose of this research.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
