abstract<br>In this paper, signature-based scanning or signature-based malware detection is studied as a threat detection method, which uses database calibration to detect malware behavior patterns in users' computers. Malware pattern detection (scanning) scans a file and compares it with the malware patterns recorded in the database. If there is similarity between the list and the known pattern, the system will detect and prevent or delete threat files from entering the signature-based detection system, which mainly includes three parts: 1. Decoder and preprocessing II. Detection engine<br>3. Signature database<br>Signature scanning has such weakness 1. Monitoring doesn't work 2。 There is no real-time alarm 3. Attacks increased by 4. Data collection is very troublesome. Unable to detect new malware. Conclusion: Signature-based malware detection is to detect and check malware files by using signatures or file formats to determine the differences between malware files and ordinary files.
การแปล กรุณารอสักครู่..