首页>
外国专利>
System and method for detecting obfuscated malware using code normalization
System and method for detecting obfuscated malware using code normalization
展开▼
机译:使用代码规范化检测混淆的恶意软件的系统和方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
Disclosed are systems, methods and computer program products for efficient and reliable analysis, optimization and detection of obfuscated malware. One disclosed example method for malware detection includes loading an executable software code on a computer system and disassembling the software code into an assembly language or other low-level programming language. The method then proceeds to simplifying complex assembly instructions and constructing a data flow model of the simplified software code. The dependencies and interrelations of code elements of the data flow model are analyzed to identify obfuscated software codes therein. The identified obfuscated codes are then optimized. Based on the results of optimization, determination is made whether the software code is malicious and/or whether further antimalware analysis of the optimized software code is necessary.
展开▼