Successive memory image analysis method for malicious codes

In order to detect the behavior of malicious code more comprehensively, the technology of continuous memory image analysis was proposed. The core idea was to run malicious code in QEMU virtual machine, to obtain the memory image of the continuous increment in the running period, and then to analyze...

Full description

Bibliographic Details
Published in:网络与信息安全学报
Main Authors: Wei-ming LI, De-qing ZOU, Guo-zhong SUN
Format: Article
Language:English
Published: POSTS&TELECOM PRESS Co., LTD 2017-02-01
Subjects:
malware
memory image
comparative analysis
data visualization
Online Access:http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2017.00144

Internet

http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2017.00144

Similar Items