中图分类号：TP309
文献标识码：A
DOI： 10.19358/j.issn.2096-5133.2020.01.004
引用格式：苏宏，丁建伟，陈周国。计算机程序基因技术初探［J］。信息技术与网络安全，2020,39（1）：19-23.

A study of computer program genetic technology

Abstract： Computer program genetic technology is developed in the confrontation game between the evolution of malicious programs and the detection and recognition technology.Traditional malicious program detection technology has been difficult to cope with the rapid and dynamic growth trend of malicious programs. Computer program genetic technology finds a new way for malicious program detection and analysis, by extracting the real behavior intention of the computer program from the assembly instruction layer so as to analyze and identify it.This paper gives the definition of the computer program gene and the method of extracting the computer program gene. In this way, the most original characteristics of the computer program can be found out. The analysis and detection can be improved effectively for the new malicious programs or the variant of malicious programs.

Key words : static analysis;dynamic analysis;program gene;basic block