Key points are not available for this paper at this time.
Along with the popularization of computers, especially the wide use of Internet, malicious code in recent years has presented a serious threat to our world. In this paper, through the analysis against the suspicious behaviors of vicious program by function calls, we present an approach of malware detection which is based on analysis and distilling of representative characteristic and systemic description of the suspicious behaviors indicated by the sequences of APIs called under Windows. Based on function calls and control flow analysis, according to the identification of suspicious behavior, the technique implements a strategy of detection from malicious binary executables.
Wang et al. (Thu,) studied this question.