DataCon2020: DataCon2020 Big Data Security Analysis Competition, :trophy: [Track 5] Malicious Code Analysis champion source code

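Uploader: 42133969 | Upload time: 2023-05-23 23:24:42 | File size: 1.18MB | File type: ZIP

DataCon 2020: DataCon2020 Big Data Security Analysis Competition, :trophy: [Track 5] Malicious Code Analysis champion source code and solution.

Final ranking (partial)

Challenge review

Inspiration and approach

Inspiration gained from the qualifying round:
①〜②: pay attention to the names of virtual machines, debuggers, decompilers, reverse-engineering tools and antivirus software
③〜⑤: pay attention to critical system paths and bitness
⑥〜⑦: pay attention to domain names, IPs, ports, wallet addresses and visible strings
⑧〜⑩: same as ③〜⑤

Ideas obtained from reverse engineering:
Reverse analysis showed that the function names of many samples contain digital currency names and cryptographic algorithm names (hash algorithms).
Many samples are packed: UPX, Pelite, VMP...
The white samples contain many malicious programs of other categories, such as viruses, game cheats...

Algorithms and models

Semi-final environment setup instructions:
Semi-final pre-script:
Semi-final test script:
Semi-final one-click verification test script:

The five algorithms or models our team used in the preliminary round, the additional round and the semi-final are as follows (some of the models were not used in the semi-final because of its performance requirements):

Grayscale image
Each byte of the PE file binary corresponds to one variable, finally scaled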

Resource details

( 44 files, 1.18MB ) DataCon2020: DataCon2020 Big Data Security Analysis Competition, :trophy: [Track 5] Malicious Code Analysis champion source code

DataCon2020-master/
    .gitignore  1.76KB
    README.md  16.96KB
    setup_run.sh  43B
    setup.txt  115B
    run.sh  187B
    old/
        gray.ipynb  63.88KB
        cg/
            cg.ipynb  64.79KB
            funtion_name_tdidf_stacking.ipynb  72.50KB
            funtion_name.py  2.48KB
            gen_fcg.idc  529B
    test.py  3.71KB
    feature_engineering_test.ipynb  12.71KB
    yara_check/
        check_crypto_by_static.py  2.22KB
        check_packer_by_static.py  2.22KB
    test.ipynb  353.40KB
    train_pe_raw.py  10.12KB
    requirements.txt  190B
    images/
        image-20200817124655908.png  98.98KB
        image-20200817135007515.png  132.85KB
        image-20200817143339662.png  45.56KB
        image-20200817140709050.png  25.70KB
        image-20200817135158335.png  23.23KB
        image-20200817124742419.png  106.72KB
        image-20200817124336272.png  233.03KB
        image-20200817122734929.png  32.68KB
        image-20200817161633785.png  27.50KB
        image-20200817124803989.png  75.31KB
        image-20200817162530108.png  31.73KB
    data/
        algorithm.txt  247B
        domain_suffix.txt  6.57KB
        dbg.txt  125B
        av.json  18.29KB
        vm.txt  329B
        OPCODE.txt  11.30KB
        coin.txt  655B
        pool.txt  2.63KB
    rules/
        black_rules.yar  10.44KB
        crypto_signatures.yar  74.23KB
        packer.yar  548.85KB
        rule20.yar  406.49KB
    run.py  4.77KB
    raw_features.py  18.25KB
    feature_engineering.py  9.21KB
    train_histogram.py  3.94KB
