The Research And Realization Of Unwanted Code Monitoring System Based On Heuristic Algorithm

Nowadays, with the development of computer technology, especially computer networks, malicious code are constantly developing. The number of current malicious code has exponential growth than in the past. The traditional malicious code are basically in the form of the virus, but the current malicious code are all kinds of forms, such as worms, viruses, Trojan horses, malicious plug-ins. From the functional analysis, the traditional malicious code generally functioned specially on data breaches, but the current malicious code function on data theft, tampering and other functions, and also use of a large number of anti-debugging, anti-tracking , anti-detection techniques to the protect themselves. Evidently, the development of malicious code on computers has become increasingly significant harm and makes it more and more difficult to detecting them.To detect the malicious code, traditional anti-virus software only uses the method of binary characteristics of the code-matching techniques. Since the method must get the binary characteristics code of the malicious code, once the malicious code changes the characteristics code by encrypting its binary code, the method will completely fail. The traditional anti-virus software seems powerless to the current malicious code.Based on the very explanation of basic theory and key technology, such as pattern matching algorithm, heuristic scanning algorithms and virtual machine technology, the paper has researched deeply on the shortages of pattern matching algorithm of the current malicious code detection engine, and put forward the improved method. In addition, based on the research of heuristic algorithms and the engine using virtual machine technology to match the behavior characteristics, the paper set up a prototype system which combined the binary feature matching, feature matching and the method of behavioral detection of cloud.This research can improve the system resources and make full use of network resources to defend against malicious code intrusion, maintain a healthy environment of the Internet, thus and make positive sense to creating a harmonious network social.