Research on a malicious code behavior acquisition method based on the Bochs virtual machine

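Cited by: 0
Authors
Liu, H. Y. [1]
Cui, Y. J. [1]
Affiliation
[1] Acad Armored Forces Engn, Dept Informat Engn, Beijing, Peoples R China
Keywords
DOI
Not available
Chinese Library Classification number
X [Environmental Science, Safety Science];
Discipline classification code
08 ; 0830 ;
Abstract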
Bochs is an open source IA-32 (x86) emulator written in C++ that simulates the entire PC platform, including CPU, I/O devices, memory, and BIOS. This paper presents a method for acquiring the behavior of malicious code based on the Bochs virtual machine. By redesigning the Bochs system, the method conditionally intercepts instruction stream and data stream information while malicious code is running in Bochs, and then records and parses the intercepted information. It also obtains system call information through linear address analysis, so that the system calls executed by the malicious code are available for subsequent behavior analysis. Experiments show that this method can effectively acquire the behavior characteristics of malicious code.
Pages: 1309 - 1312
Number of pages: 4