Malicious program packing detection method and system based on multi-dimensional weighting

Bibliographic details
Main authors: REN YICHEN, HAI RAN, LUO JIFAN, ZHUANG JIE, LIU MINGZHE, ZHANG SHUAI, WANG FANGMING
Format: Patent
Language: Chinese; English
Description
Summary: The invention relates to a malicious program packing detection method and system based on multi-dimensional weighting, and belongs to the technical field of information security. The method analyzes the program along three dimensions: the file format, the data confusion degree and the data content. It comprehensively compares the packed (shelled) program with an ordinary program, which effectively resists disguise by the packed program and solves the problem that feature detection from a single angle has low stability. The features are quantized so that they can participate directly in mathematical calculation, and they are standardized with a probability formula so that the calculation result has probabilistic significance. The weights are calculated with the entropy weight method, which effectively avoids the influence of subjective factors on each feature weight and ensures the objectivity of the detection system. And judgment is carried out i