Malicious Code Detection Based on Software Fingerprint
- DOI
- 10.2991/icaise.2013.45How to use a DOI?
- Keywords
- Malicious code, static analysis model, software fingerprint, shape moments.
- Abstract
The malicious code on the network is increasingly rampant that the traditional detection method of characteristic code has been difficult to deal with malicious code, with features of various variants, deformations and other problems. In this paper we present a new static analysis model based on software fingerprint to distinguish malicious codes. Through obtaining the software call graph by disassembling the binary file and mapping it as an image, shape moments can be obtained as the software fingerprint based on the retrieval theory of content image, combined with moment theory and the image's color, texture and shape features. The idea of pattern matching is used to measure the extracted software fingerprint similarity to determine whether it is malicious code or not. Then, we analyze the collected program samples. Test and verify whether the program has good performance in uniqueness, invariability and sensibility.
- Copyright
- © 2013, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Zhimin Yin AU - Xiangzhan Yu AU - Linhua Niu PY - 2013/08 DA - 2013/08 TI - Malicious Code Detection Based on Software Fingerprint BT - Proceedings of the 2013 The International Conference on Artificial Intelligence and Software Engineering (ICAISE 2013) PB - Atlantis Press SP - 212 EP - 216 SN - 1951-6851 UR - https://doi.org/10.2991/icaise.2013.45 DO - 10.2991/icaise.2013.45 ID - Yin2013/08 ER -