Journal of the Graduate School of the Chinese Academy of Sciences (中国科学院研究生院学报), 2010
A method for hidden malcode anomaly detection using dynamic control-flow analysis
Abstract:
The present study proposes a method for hidden malcode detection based on the analysis of dynamic control-flow. First, we recorded the malcode-related control-flow paths of a program, and then the control-flow paths were analyzed, by calling tree match algorithm, to detect the hidden malcode in the system. The experiments show that this method can detect hidden malcode efficiently, at a high detection rate and with a low false-positive rate, and thus it can be applied to malcode detection on operating systems.