| 基于空间向量计算的恶意文档检测技术 |
| |
| 作者姓名: | 李伟 苏璞睿 时云峰 |
| |
| 作者单位: | 1. 中国科学院研究生院,北京 100049;;
2. 中国科学院软件研究所,北京 100190;
3. 清华大学计算机系,北京 100084 |
| |
| 摘 要: | 通过对恶意文档的攻击方式、组成结构和攻击代码的全面分析,提出了一种基于空间向量计算的检测方法,针对典型的变形手段提出了有针对性的改进.对119个文档进行了检测,结果表明,与传统检测软件相比,该算法对恶意文档检测在漏报率和误报率上均具备一定优势.
|
| 关 键 词: | 恶意文档 数理统计 空间向量 |
| 收稿时间: | 2009-08-04 |
| 修稿时间: | 2009-12-01 |
A technique for detecting malicious documents based on calculation of vector spaces |
| |
| Authors: | LI Wei SU Pu-Rui SHI Yun-Feng |
| |
| Institution: | 1. Graduate University of the Chinese Academy of Sciences,Beijing 100049,China;
2. Institute of Software, Chinese Academy of Sciences,Beijing 100190,China;
3. Department of Computer Science and Technology, Tsinghua University,Beijing 100084,China |
| |
| Abstract: | Through a comprehensive analysis of the attack way, composition structure, and attack code of malicious documents, we present a detecting method based on the mathematical statistics and vector computation, and make targeted improvements for a typical deformation means. We tested 119 documents using this algorithm, and the results show that, compared with conventional detection software, this algorithm detects a malicious document with low fail-to-report rate and low false alarm rate. |
| |
| Keywords: | malicious file mathematical statistics vector space |
| 本文献已被 CNKI 等数据库收录! |
| 点击此处可从《》浏览原始摘要信息 |
| 点击此处可从《》下载免费的PDF全文 |
|
