
Research On Virus Detection Technology Based On Heuristic

Posted on: 2015-09-08
Degree: Master
Type: Thesis
Country: China
Candidate: L Kou
Full Text: PDF
GTID: 2348330518970444
Subject: Computer software and theory
Abstract/Summary:
The progress of computer science and Internet technology has contributed greatly to many fields. At the same time, computer security problems are causing increasingly widespread concern. Computer viruses are one such security hazard. The Windows operating system accounts for a large proportion of users, so the most rampant and widely spread viruses are mainly Windows viruses in the PE file format.

The serious harm caused by computer viruses has driven the development of virus detection technology. Conventional signature detection is one of the most widely used virus detection technologies. It has a high accuracy rate, but it must rely on a virus signature library: virus signatures are saved in the virus database. Signature acquisition not only has a long cycle and costs a lot of manpower, but also usually takes effect only some time after a virus attack has begun. It therefore cannot detect unknown viruses. To deal with unknown viruses and reduce the harm they cause, it is urgent to study new virus detection technology.

Firstly, this paper studies the mechanisms of computer viruses and of anti-virus software, and surveys the mainstream virus detection technologies, such as signature detection technology, the calibration method, behavior detection technology and artificial immune technology. Secondly, it focuses on PE file viruses, analyzing in detail the structure of PE viruses and the variety of attack technologies they use, such as variable address location technology, API address obtaining technology, and self-modifying code technologies such as encryption and polymorphism. This paper also studies virtualization technology for dealing with viruses that use advanced techniques. Finally, the feasibility of the heuristic virus detection model proposed in this paper is demonstrated through experimental verification.

The experimental results show that the method has high detection efficiency and, in terms of detecting unknown viruses, a relatively low rate of false positives and non-response. Because the heuristic detection model is based on heuristic features, it can detect unknown viruses without feature updating, so it has a certain reference value for scientific research on improving the detection efficiency of anti-virus products.
Keywords/Search Tags: virus detection, heuristic characteristic, virtual execution, PE file, KNN algorithm