文化大學機構典藏 CCUR:Item 987654321/27876
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 47225/51091 (92%)
造访人次 : 14006739      在线人数 : 232
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
    •  进阶搜寻
    主页登入上传说明关于CCUR管理 到手机版


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/27876


    Title: 以VBScript病毒行為知識發展API病毒偵測
    The Research on Using VBScript Virus Behavior Knowledge to Detect API Viruses
    Authors: 鄭家憲
    Contributors: 資訊管理研究所
    Keywords: 病毒行為
    序列樣式資料挖掘
    規則式知識庫
    Date: 2006
    Issue Date: 2014-08-25 10:56:20 (UTC+8)
    Abstract: 隨著網際網路快速發展,病毒從過去的磁片傳播,演變至今改以網際網路傳播。而以Script腳本語言撰寫的病毒,可以透過HTML網頁以及E-mail電子郵件的方式,在很短的時間散播到世界各地。本研究以VBScript為對象,利用序列樣式資料挖掘的方法,歸納VBScript病毒的行為樣式,透過病毒前處理器和病毒行為分析器兩個單元,將病毒行為建構成病毒行為知識庫。病毒前處理器對VBScript病毒原始碼進行初步整理的動作,將整理後的病毒原始碼進行分群的動作,使得性質相同的病毒歸納成同一群組。病毒行為分析器利用序列樣式資料挖掘方法對每一個病毒群組作行為分析,找尋出屬於每一個群組特有的病毒特徵行為,將病毒特徵行為以規則式法則(rule-base)方式建構在病毒特徵行為知識庫中,另外建立起API函式知識庫,藉由VBScript病毒知識庫與所對應到相同行為API函式知識提供使用者有關API病毒偵測的知識規則。
    The viruses were spread through the floppy discs in the past, but now with the de-velopment of the Internet, they can be done through the Internet instead. Many com-mon viruses on the Internet are written using Script. This enables Script viruses to be dispersed extreme fast through HTML and Email. In this research, VBScript is the sub-ject. By way of Mining Sequence Pattern, the patterns of VBScript virus are discovered and a Virus Behavior Knowledge Base, which stores the virus be-haviors, is established.
    Two major steps are developed to explore virus behaviors. First, data pre-processor organizes VBScript virus codes and next the well-organized viruses will be grouped so that the viruses with similar characteristics are put in the same group. Second, the virus behavior analyzer concludes the unique behavior of vi-ruses in each virus group with Mining Sequence Pattern. The Rule-base approach is used to describe virus behavior in the Virus Behavior Knowledge Base and create related virus behavior API functions as well. These virus behavior API functions can then be used to establish an effective API virus detector.
    Appears in Collections:[資訊管理學系暨資訊管理研究所 ] 博碩士論文

    Files in This Item:

    There are no files associated with this item.



    View Licence

    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回饋