首页> 外国专利> METHOD OF DETECTING POLYMORPHIC SHELL CODE

METHOD OF DETECTING POLYMORPHIC SHELL CODE

机译：检测多态壳码的方法

页面导航

摘要
著录项
相似文献

摘要

There is provided a method of detecting a polymorphic shell code. The decoding routine of the polymorphic shell code is detected from received data. In order for the decoding routine to access the address of an encoded code, the address of a currently executed code is stored in a stack, the value is moved in a register table, and it is determined whether the value is actually used for operating a memory. Emulation is finally performed and the degree of correctness of detection is improved. Therefore, time spent on detecting the polymorphic shell code and an overhead are reduced and the correctness of detection is increased.

机译：提供了一种检测多态外壳代码的方法。从接收到的数据中检测出多态外壳代码的解码例程。为了使解码例程访问编码代码的地址，将当前执行的代码的地址存储在堆栈中，将该值移动到寄存器表中，并确定该值是否实际用于操作记忆。最后进行仿真，并提高检测的正确性。因此，减少了用于检测多态外壳代码的时间和开销，并且提高了检测的正确性。

著录项

公开/公告号US2009158431A1

专利类型
公开/公告日2009-06-18

原文格式PDF
申请/专利权人 DAE WON KIM;IK KYUN KIM;YANG SEO CHOI;SEUNG YONG YOON;BYOUNG KOO KIM;JIN TAE OH;JONG SOO JANG;
展开▼

申请/专利号US20080333490
发明设计人 JONG SOO JANG;YANG SEO CHOI;IK KYUN KIM;SEUNG YONG YOON;BYOUNG KOO KIM;DAE WON KIM;JIN TAE OH;
展开▼

申请日2008-12-12
分类号G06F11/00;
国家 US
入库时间 2022-08-21 19:36:17

相似文献

专利
外文文献
中文文献