CAJ | 학술논문

为提高恶意代码分析的完整性，提出基于环境智能匹配的恶意代码完整性分析方法。分析传统恶意代码完整性分析方法，指出使用传统方法分析的不足之处，分析影响恶意代码执行完整性的环境因素。在此基础上，提出一种实用化的恶意代码完整性分析方法。采用动静态结合的方式，对恶意代码的环境信息进行抽取，抽取信息并通过决策树方法进行进一步分析，得到最终配置信息。对大量样本进行完整性分析测试，测试结果验证了该方法的有效性。
위제고악의대마분석적완정성，제출기우배경지능필배적악의대마완정성분석방법。분석전통악의대마완정성분석방법，지출사용전통방법분석적불족지처，분석영향악의대마집행완정성적배경인소。재차기출상，제출일충실용화적악의대마완정성분석방법。채용동정태결합적방식，대악의대마적배경신식진행추취，추취신식병통과결책수방법진행진일보분석，득도최종배치신식。대대량양본진행완정성분석측시，측시결과험증료해방법적유효성。
To improve the integrity of malicious code analysis,the analysis method of malicious code integrity based on environ-ment matching was present.The traditional method of malicious code integrity analysis was analyzed,the shortcomings of tradi-tional analysis methods were pointed out,and the impact of malicious code integrity of environmental factors was analyzed.On this basis,a practical method for malicious code integrity analysis was proposed,a combination of static and dynamic methods was used to get malicious code environmental information.Then the information was extracted for further analysis using the deci-sion tree method to get the final configuration.Finally,the method was tested by a large number of samples and the effectiveness of the method was verified.