CHARACTER STRING-BASED MALWARE RECOGNITION METHOD AND SYSTEM, AND RELATED DEVICES

摘要

A character string-based malware recognition method, system and device, and a computer readable storage medium. According to the malware recognition method, TFIDF technology is used to collect statistics about importance of each character string extracted from a PE file comprised in software to be tested, character strings having high classification ability, high recognition degree, and high importance are selected, and malware recognition is completed by using the character strings having high importance as malware recognition features. The recognition method does not require manual recognition of malicious content by means of experience, is automatic and efficient, and achieves malicious content recognition with high accuracy and low omission.