This paper proposes a method for automatically detecting malware with anti-analysis capability. The malware is executed in four different analysis environments, and two different types of monitoring technique are used to record the sequences of system calls and instructions it executes. The system-call sequences are compared first; if they differ, the instruction sequences are compared further to determine whether the difference is caused by anti-analysis behaviour. Experimental results show that the method can detect different types of analysis-evasion technique.
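As an added example (not code from the paper), the two-stage comparison the abstract describes, in Python: system-call traces from each environment are diffed against a reference environment first, and only on a deviation are the instruction traces diffed to find where control flow split. The sample traces, the environment names and the heuristic that identical control flow with differing call arguments indicates non-determinism rather than evasion are assumptions of this example.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample traces for four analysis environments (illustrative values,
# not data from the paper). Each entry: (system-call trace, instruction trace).
# System calls carry a key argument; instructions are addresses of executed instructions.
TRACES: Dict[str, Tuple[List[str], List[int]]] = {
    "bare_metal": (["NtOpenFile:C:\\Temp", "NtCreateFile:C:\\Temp\\a1b2.tmp", "NtCreateProcess:payload.exe"],
                   [0x401000, 0x401010, 0x401020, 0x401030, 0x401040]),
    "vmware":     (["NtOpenFile:C:\\Temp", "NtCreateFile:C:\\Temp\\a1b2.tmp", "NtTerminateProcess:self"],
                   [0x401000, 0x401010, 0x401020, 0x401100, 0x401110]),
    "virtualbox": (["NtOpenFile:C:\\Temp", "NtCreateFile:C:\\Temp\\a1b2.tmp", "NtCreateProcess:payload.exe"],
                   [0x401000, 0x401010, 0x401020, 0x401030, 0x401040]),
    "qemu":       (["NtOpenFile:C:\\Temp", "NtCreateFile:C:\\Temp\\c3d4.tmp", "NtCreateProcess:payload.exe"],
                   [0x401000, 0x401010, 0x401020, 0x401030, 0x401040]),
}

def first_divergence(a: List, b: List) -> Optional[int]:
    """Index of the first differing position, or None if the sequences are identical."""
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return i
    return None if len(a) == len(b) else min(len(a), len(b))

@dataclass
class Finding:
    env: str
    syscall_index: int          # position where the system-call traces first differ
    branch_insn: Optional[int]  # last instruction shared before the paths split, if any
    verdict: str                # "anti-analysis" or "non-deterministic"

def detect_evasion(traces: Dict[str, Tuple[List[str], List[int]]],
                   reference: str = "bare_metal") -> List[Finding]:
    """Cheap system-call diff first; instruction diff only when a deviation is found."""
    ref_sys, ref_insn = traces[reference]
    findings: List[Finding] = []
    for env, (sys_trace, insn_trace) in traces.items():
        if env == reference:
            continue
        d = first_divergence(ref_sys, sys_trace)
        if d is None:
            continue  # same behaviour as on the reference: nothing to explain
        k = first_divergence(ref_insn, insn_trace)
        # Heuristic (assumption): a split in the instruction trace points at an environment
        # check; identical control flow with different arguments is ordinary non-determinism.
        if k is None:
            findings.append(Finding(env, d, None, "non-deterministic"))
        else:
            findings.append(Finding(env, d, ref_insn[k - 1] if k > 0 else None, "anti-analysis"))
    return findings
```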