Research on a malicious code behavior acquisition method based on the Bochs virtual machine

Cited by: 0
Authors
Liu, H. Y. [1 ]
Cui, Y. J. [1 ]
Affiliation
[1] Acad Armored Forces Engn, Dept Informat Engn, Beijing, Peoples R China
Keywords
DOI
Not available
CLC classification number
X [Environmental science, safety science];
Discipline classification code
08 ; 0830 ;
Abstract
Bochs is an open-source IA-32 (x86) emulator written in C++ that simulates the entire PC platform, including CPU, I/O devices, memory, and BIOS. This paper presents a method to acquire the behavior of malicious code based on the Bochs virtual machine. By redesigning the Bochs system, it conditionally intercepts the instruction stream and data stream information while malicious code is running in Bochs, and then records and parses the intercepted information. It also obtains system call information by linear address analysis, so as to provide the system calls executed by the malicious code for the subsequent behavior analysis. Experiments show that this method can effectively acquire the behavior characteristics of malicious code.
Pages: 1309 - 1312
Page count: 4