Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and apparatus for discovering malignancy of computer program

A computer program and malicious technology, applied in computer security devices, calculations, instruments, etc., can solve problems such as difficult to identify hidden virus programs, and achieve the effect of accurate and efficient discovery

Active Publication Date: 2009-01-21
BEIJING RISING NETWORK SECURITY TECH CO LTD
View PDF0 Cites 64 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In this case, it is difficult to identify this kind of concealed virus program by using the existing simple behavior analysis method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and apparatus for discovering malignancy of computer program
  • Method and apparatus for discovering malignancy of computer program
  • Method and apparatus for discovering malignancy of computer program

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The method and apparatus for discovering malicious behaviors of computer programs proposed by the present invention will be described in detail below in conjunction with specific embodiments. For ease of understanding, in the following embodiments, only the Windows operating system is used as an example for description. However, those skilled in the art can understand that the idea and spirit of the present invention can also be applied to other computer systems, not limited to the Windows operating system.

[0026] Like the aforementioned "grey pigeon" program, today's viruses or spyware no longer attack computers in a single process, but perform malicious actions in the process of creating and / or ending multiple processes, so that they It is easier to fool the monitoring of anti-virus software.

[0027] In addition, through the analysis of many computer virus programs and spyware today, it can also be found that malicious programs may be composed of some basic malici...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method and a device for discovering malicious behaviors of computer programs. The behavior characteristics of vicious procedures are analyzed through using the method and the device which are provided by the invention and through using concepts of a process set which is monitored. The method for discovering the malicious behaviors of the computer programs which is provided by the invention comprises: monitoring actions which are executed by the computer programs, searching the process set which is related with the actions which are monitored in a process set library which is monitored, wherein the process set at least comprises information of at least one suspicious process which is related mutually on the creating relation, and judging whether the actions which are monitored belong to the malicious behaviors or not through association analysis according to the information which is recorded in the process set which is searched out if the process set which is related with the actions which are monitored is searched out.

Description

technical field [0001] The invention relates to a computer protection method and device, in particular to a method and device for instantly and accurately discovering malicious behavior of a computer program according to the behavior characteristics of the computer program. Background technique [0002] Since the world's first computer virus appeared in 1983, computer viruses have continued to evolve and update along with the development of computer and network technology for more than 20 years. Today, computer viruses such as Trojan horses, worms and backdoor programs can not only destroy computer systems, but also steal important information such as user account passwords, thereby seriously threatening people's normal use of computers, and may even cause huge economic losses. Therefore, how to prevent virus invasion has become a focus that people pay close attention to most. [0003] An important step to prevent virus attack is to identify the virus before the virus infri...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/22
CPCG06F21/566
Inventor 叶超
Owner BEIJING RISING NETWORK SECURITY TECH CO LTD
Features
  • Generate Ideas
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More