Research on a malicious code behavior acquisition method based on the Bochs virtual machine

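Cited by: 0
Authors
Liu, H. Y. [1]
Cui, Y. J. [1]
Affiliations
[1] Acad Armored Forces Engn, Dept Informat Engn, Beijing, Peoples R China
Keywords
DOI
Not available
Chinese Library Classification number
X [Environmental Science, Safety Science];
Discipline classification code
08 ; 0830 ;
Abstract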
Bochs is an open-source IA-32 (x86) emulator written in C++ that simulates the entire PC platform, including the CPU, I/O devices, memory, and BIOS. This paper presents a method for acquiring the behavior of malicious code based on the Bochs virtual machine. By redesigning the Bochs system, the method conditionally intercepts instruction-stream and data-stream information while malicious code runs in Bochs, then records and parses the intercepted information. It also obtains system call information through linear address analysis, providing the system calls executed by the malicious code for subsequent behavior analysis. Experiments show that this method can effectively acquire the behavior characteristics of malicious code.
Pages: 1309 - 1312
Page count: 4