广东东软学院本科生毕业设计(论文)一次利用 Python 开源工具的恶意代码分析实践A malicious code analysis practice using Python open source tools广东东软学院本科生毕业设计(论文)摘 要恶意代码的泛滥,给很多用户、企业带了很大的经济上的损失。恶意代码的制作者为了利益对恶意代码反分析技术做了很多工作,采用的技术手段也越来越复杂,防御起来也十分困难。因此,恶意代码的检测和分析也变得十分重要。本文主要是讲述了恶意代码,对其进行分类,通过现如今的恶意代码现状确立了恶意代码的研究,对恶意代码分析技术展开一系列的阐述,恶意代码可能存在的攻击行为,静态分析恶意代码,对特征码、行为特征以及文件完整性进行分析,恶意代码在仿真分析工具运行时对系统动态链接库的调用,恶意代码在内存中可能的所有执行路径进行动态分析。使用各种开源工具对恶意代码进行分析,为了避免恶意代码的流窜,在沙箱实现抓捕行为特征,并给出可视化的分析报告,为研究分析、检测恶意代码提供强大的支持以及后续技术研究对恶意程序的分析带了借鉴。关键词:恶意代码 开源工具 行为特征 行为分析 沙箱技术广东东软学院本科生毕业设计(论文)AbstractThe proliferation of malicious code has caused great economic losses to many users and enterprises. The producers of malicious code have done a lot of work on the anti-analysis technology of malicious code for the benefit, and the technical methods adopted are becoming more and more complicated, and it is very difficult to defend. Therefore, the detection and analysis of malicious code also becomes very important.This article mainly describes malicious code, classifies it, establishes the research of malicious code through the current status of malicious code, and launches a series of elaboration on malicious code analysis technology. , Analysis of signatures, behavioral characteristics, and file integrity, malicious code calls the system dynamic link library when the simulation analysis tool is running, and dynamic analysis of all possible execution paths of mal...
