Based on the research of layered semantic cognition, a new method of malicious code detection is proposed. With the ability of anti-aliasing, it can quickly identify the malicious code in the unknown program. Obtaining behavioral data via virtualizing the capture environment, implementing the hierarchical cognitive through abstracting layer by layer, and lastly, the method uses the Bayesian classifier to determine whether it's malicious. Meanwhile, in the detecting process, two ideas are involved - behavior normalized and combining static and dynamic. The test result shows that the detection speed of this method is higher and its accuracy rate is higher too.
展开▼