Static analysis (rule-based)
1. <Malware Detection Based on Deep Learning Algorithm> - Ding Yuxin, Zhu Siyi
2. <Generative Malware Outbreak Detection>
After disassembly, build an opcode execution tree from the basic-block control-flow graph; each root-to-leaf path represents one execution path. The paths are linked together into a single stream and the opcodes are extracted in stream order.
3. <A Hybrid Deep Learning Image-Based Analysis for Effective Malware Detection> - Sitalakshmi Venkatraman, Mamoun Alazab, R. Vinayakumar
1. Disassemble and extract the API function calls
2. Extract the binary encoding and lay it out as a grayscale image
4. <Dynamic Data Fusion Using Multi-Input Models for Malware Classification>
After disassembly, extract hex and text // opcodes and metadata
5. <An Improved Method for Packed Malware Detection Using PE Header and Section Table Information>
After disassembly, extract the PE header and the section table information
6. <A Mobile Malware Detection Method Using Behavior Features in Network Traffic>
Convert the pcap capture into a CSV file and extract the HTTP headers and TCP flows from it
Dynamic analysis (sandbox)
1. <Analysis and Evaluation of Dynamic Feature-Based Malware Detection Method>
system-library sequence; operation counts; API-call frequency; API-call sequences
API calls are divided into 6 classes according to their core functionality: network management; memory management; registry operations; file I/O; processes and threads; sockets.
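As an added worked example (not code from the paper), the feature types listed above computed in Python over a constructed sandbox API-call trace: operation counts per functional class, API-call frequency, and a class-level sequence (n-gram) feature. The API-name-to-class mapping and the trace are assumptions made here for illustration; the paper's exact assignment is not given on this page.

```python
from collections import Counter

# Constructed sample trace, in the shape a sandbox might log it (not real malware data).
SAMPLE_TRACE = [
    "CreateFileW", "WriteFile", "CloseHandle",
    "RegOpenKeyExW", "RegSetValueExW", "RegCloseKey",
    "VirtualAlloc", "CreateThread", "WSAStartup", "socket", "connect", "send",
    "InternetOpenW", "InternetConnectW", "VirtualAlloc", "CreateThread",
]

# Assumed mapping from API name to the six functional classes named in the paper.
CATEGORY_OF = {
    "InternetOpenW": "network", "InternetConnectW": "network",
    "VirtualAlloc": "memory", "VirtualFree": "memory",
    "RegOpenKeyExW": "registry", "RegSetValueExW": "registry", "RegCloseKey": "registry",
    "CreateFileW": "file", "WriteFile": "file", "ReadFile": "file", "CloseHandle": "file",
    "CreateThread": "process", "CreateProcessW": "process", "OpenProcess": "process",
    "WSAStartup": "socket", "socket": "socket", "connect": "socket", "send": "socket",
}
CATEGORIES = ("network", "memory", "registry", "file", "process", "socket")

def category_counts(trace):
    """Operation counts per functional class (unmapped APIs land in 'other')."""
    counts = Counter(CATEGORY_OF.get(api, "other") for api in trace)
    return {c: counts.get(c, 0) for c in CATEGORIES + ("other",)}

def api_frequency(trace):
    """Relative frequency of each API name over the whole trace."""
    counts = Counter(trace)
    total = len(trace)
    return {api: n / total for api, n in counts.items()}

def category_sequence(trace, n=2):
    """Collapse the trace to class labels and count n-grams: the sequence
    feature, i.e. which kind of operation tends to follow which."""
    labels = [CATEGORY_OF.get(api, "other") for api in trace]
    grams = zip(*(labels[i:] for i in range(n)))
    return Counter(grams)

def feature_vector(trace):
    """One flat dict a classifier can consume: counts, frequencies, bigrams."""
    feats = {f"cnt_{c}": v for c, v in category_counts(trace).items()}
    feats.update({f"freq_{a}": f for a, f in api_frequency(trace).items()})
    feats.update({"seq_" + "->".join(g): v for g, v in category_sequence(trace).items()})
    return feats

if __name__ == "__main__":
    for k, v in sorted(feature_vector(SAMPLE_TRACE).items()):
        print(k, v)
```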
2. <Improvement of Malware Detection and Classification Using API Call Sequence Alignment and Visualization>
An API hooking library is used to hook the calls and capture the API call sequences