METHOD AND DEVICE FOR IDENTIFYING A DISK BOOT SECTOR VIRUS, AND STORAGE MEDIUM

摘要

The present application discloses a method and a device for identifying a disk boot sector virus, and a storage medium. The method comprises steps of: obtaining a known behavior pattern that is prestored, and obtaining a master boot record (MBR) and disk data called when the MBR is executed; establishing a simulated execution environment according to the MBR and the disk data obtained, and simulating an execution process of the MBR; analyzing and recording a simulated behavior pattern of the MBR during the process of simulating the execution process of the MBR; and identifying a disk boot sector virus via a contrast analysis between the recorded simulated behavior pattern and the known behavior pattern. The solution of the present application has the beneficial effect that a new boot sector virus can be identified timely and accurately.