2015 | OriginalPaper | Book chapter
DynamoRIO-Based Malware Detection System under 10G Network Environment
Written by: Yongping Xiong, Shizhong Wu, Tao Zhang, Yubo Deng, Wei Liu, Yongwei Xu
Published in: Computer Science and its Applications
Publisher: Springer Berlin Heidelberg
This paper designs a malware detection system for high-speed network environments. In the system, all traffic of the targeted network is captured using zero-copy technology; it is then parsed and filtered by the protocol analysis engine, which restores the original contents carried on the network. Finally, we use the dynamic binary platform DynamoRIO, together with the characteristics of buffer overflow attack analysis, to detect malware programs on the network. Experimental results show that this system can effectively detect malware programs and outperforms popular antivirus software in the high-speed network environment.