A Methodology to Detect Malware Based on Registry Hive Files
Abstract: Based on a study of current trends in the development of malicious programs, we systematically compare the various techniques and methods for registry hiding and detection, analyze their deficiencies, and propose a new method, based on registry Hive files, for detecting malicious programs that hide themselves, which makes the detection of malicious programs more complete and reliable. Experiments indicate that this method can detect all current malicious programs that perform registry hiding.
Key words:
- Hive files
- malware
- registry hiding and detection
- Rootkit