Hierarchical method to analyze malware behavior

This paper proposed a hierarchical method to analyze malware behavior,which firstly obtained behavior information according to the system call sequence in the run-time of the program,then analyzed their behavioral intentions and made hazard assessments.On the part of behavior detection,a behavior detection algorithm was designed,which utilized system calls and their arguments to identify the program behavior.On the part of behavior analysis,an evaluation model about the harms of malicious actions was established on the basis of summarizing a variety of malicious actions and their harms to computer system,together with a method being given to evaluate the harm of the code.