%0 Journal Article
%T A Stack-related Method for Detecting Obfuscated System Calls of Malware
%T 基于栈的恶意程序隐式系统调用的检测方法
%A LI Yi-Chao
%A HE Zi-Ang
%A CAO Yue
%A 李毅超
%A 何子昂
%A 曹跃
%J 计算机科学
%D 2008
%I
%X This paper presents a method to detect obfuscated system calls of malware. The idea is to use address stack and address stack graph to detect obfuscated system calls of malware. An address stack is used to associate each element in the stack to the instruction that pushes the element. An address stack graph may be created by abstract interpretation of the binary executable and may be used to detect obfuscated calls. The experiment proves the method is effective.
%K Malware
%K Obfuscated calls
%K Address stack
%K Address stack graph
%K 恶意程序
%K 隐式调用
%K 地址栈
%K 地址栈图
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=64A12D73428C8B8DBFB978D04DFEB3C1&aid=B20DCE6B3F7EED75BD56C47C45A4BEB7&yid=67289AFF6305E306&vid=6209D9E8050195F5&iid=0B39A22176CE99FB&sid=39EEF47180459690&eid=C36EC077A8A90308&journal_id=1002-137X&journal_name=计算机科学&referenced_num=0&reference_num=9