基于随机Petri网的木马特征分析

Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics Pub Date : 2011-07-10 DOI:10.1109/ISI.2011.5984084

He Gao, Yuanzhuo Wang, Li Wang, Li Liu, Jinming Li, Xueqi Cheng

{"title":"基于随机Petri网的木马特征分析","authors":"He Gao, Yuanzhuo Wang, Li Wang, Li Liu, Jinming Li, Xueqi Cheng","doi":"10.1109/ISI.2011.5984084","DOIUrl":null,"url":null,"abstract":"Trojan's attack behavior has become increasingly common and diversifiable. How to judge Trojan-like features of the softwares which the users download has become the problem that the users concern about. In this paper, we first capture the software's behavior and related parameters from our virtual software test bed, then a modeling method using Stochastic Petri Nets is proposed, which supports quantitative analysis for the application software's behaviors. Based on the model, the similarity degree between application software and Trojan software is analyzed quantitatively. This analysis show that the model can be used to design an effective anti-Trojan system. The paper concludes with an example to illustrate the effectiveness of the model and analysis method.","PeriodicalId":220165,"journal":{"name":"Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Trojan characteristics analysis based on Stochastic Petri Nets\",\"authors\":\"He Gao, Yuanzhuo Wang, Li Wang, Li Liu, Jinming Li, Xueqi Cheng\",\"doi\":\"10.1109/ISI.2011.5984084\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Trojan's attack behavior has become increasingly common and diversifiable. How to judge Trojan-like features of the softwares which the users download has become the problem that the users concern about. In this paper, we first capture the software's behavior and related parameters from our virtual software test bed, then a modeling method using Stochastic Petri Nets is proposed, which supports quantitative analysis for the application software's behaviors. Based on the model, the similarity degree between application software and Trojan software is analyzed quantitatively. This analysis show that the model can be used to design an effective anti-Trojan system. The paper concludes with an example to illustrate the effectiveness of the model and analysis method.\",\"PeriodicalId\":220165,\"journal\":{\"name\":\"Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics\",\"volume\":\"20 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-07-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISI.2011.5984084\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISI.2011.5984084","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

木马的攻击行为变得越来越普遍和多样化。如何判断用户下载的软件是否具有木马特征，已成为用户关注的问题。本文首先在虚拟软件测试平台上捕获软件的行为和相关参数，然后提出了一种基于随机Petri网的建模方法，该方法支持对应用软件行为的定量分析。在此基础上，定量分析了应用软件与木马软件的相似程度。分析表明，该模型可用于设计有效的反木马系统。最后通过一个算例说明了模型和分析方法的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Trojan characteristics analysis based on Stochastic Petri Nets

Trojan's attack behavior has become increasingly common and diversifiable. How to judge Trojan-like features of the softwares which the users download has become the problem that the users concern about. In this paper, we first capture the software's behavior and related parameters from our virtual software test bed, then a modeling method using Stochastic Petri Nets is proposed, which supports quantitative analysis for the application software's behaviors. Based on the model, the similarity degree between application software and Trojan software is analyzed quantitatively. This analysis show that the model can be used to design an effective anti-Trojan system. The paper concludes with an example to illustrate the effectiveness of the model and analysis method.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics

自引率

0.00%

发文量