%0 Journal Article
%T Obfuscated Malware Detection Based on Boosting Multilevel Features
%T Detecting Obfuscated Malware by Boosting Multi-Dimensional Features
%A KONG De-Guang
%A TAN Xiao-Bin
%A XI Hong-Sheng
%A GONG Tao
%A SHUAI Jian-Mei
%A 孔德光
%A 谭小彬
%A 奚宏生
%A 宫涛
%A 帅建梅
%J 软件学报
%D 2011
%I
%X To cope with the problem of low accuracy in detecting obfuscated malware, an algorithm to detect obfuscated malware based on boosting multi-level features is presented. After disassembly and static analysis of the obfuscated malware, the algorithm extracts features from three dimensions: opcode distribution, a function call graph, and a system call graph. These combine statistical and semantic features to reflect the behavioral characteristics of the malware. The algorithm then gives the decision result based on weighted voting over the different feature analyses. Experiments show that the algorithm has a much higher accuracy on the testing dataset.
%K malware detection
%K multi-feature
%K obfuscate
%K boosting
%K malicious code detection
%K multi-dimensional features
%K obfuscation
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=7735F413D429542E610B3D6AC0D5EC59&aid=9B39A6DF8D0A5984F555F011CC7AB0DE&yid=9377ED8094509821&vid=BC12EA701C895178&iid=38B194292C032A66&sid=91BAD12CFABB3251&eid=FF58680609C9D068&journal_id=1000-9825&journal_name=软件学报&referenced_num=0&reference_num=25