Check patentability & draft patents in minutes with Patsnap Eureka AI!

Method and system for identifying script virus

A script virus, script technology, applied in the field of network security

Active Publication Date: 2009-11-25
北京东方微点信息技术有限责任公司
View PDF0 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The defective that existing technology exists is: because script virus itself is script source code or is easy to obtain script source code by simple conversion, and script program is written simply, and virus is easy to revise, adds the self-transformation, encryption of script itself, causes new Script viruses emerge rapidly, and feature matching can only identify existing script viruses, resulting in new viruses that can often be identified after causing harm

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for identifying script virus
  • Method and system for identifying script virus
  • Method and system for identifying script virus

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] figure 1 It is a flowchart of a method for identifying a script virus provided by an embodiment of the present invention. Assuming that the application programming interface (Application Programming Interface, API) function monitoring program is created by hooking the process, when the monitored process is a script interpreter, that is, the script host process such as "wscript.exe", identify the monitored process Whether a script is a script virus includes the following steps:

[0020] Step 11, monitor the action behavior of the script by hooking the component object model (Component Object model, COM) component object virtual function, and record the behavior of the script that is monitored, such as recording the monitored behavior to the behavior description Structural entities;

[0021] Step 12. When the monitored behavior of the script is a dangerous action, match the recorded behavior with the preset harmful script behavior rule. According to the description inf...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a Method and system for identifying script virus. The method includes: recording the monitored script behavior through the assembly object imaginary function monitoring script behavior of the hook assembly object model; matching the recorded behavior with the preset noxious script conduct rule when the monitored script behavior is the unsafe act; under the condition of the successful matching, judging that the script is the script virus. The script action behavior is monitored through the COM assembly object deficiency function, the monitored behavior is in the relation with the script, the monitored behavior can be matched with the noxious script conduct rule by recording the monitored script behavior, consequently the identification for the script virus is realized.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method and system for identifying script viruses. Background technique [0002] Due to the simplicity of scripting language learning and programming, a large number of script viruses appear. Moreover, the script virus itself is the virus source code, or the script virus can easily obtain the virus source code through simple conversion, so the spread and variants of the script virus are more extensive. In addition, the script virus file itself does not have a specific format, so the script virus is easier to realize self-transformation, which leads to the emergence of more variant viruses, and sharply increases the harm caused by the script virus to the computer. [0003] In the prior art, security software uses a characteristic value matching method to identify viruses. The characteristic value matching method judges whether the program, code and data are viruses by ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00G06F9/46G06F21/56
Inventor 崔素辉
Owner 北京东方微点信息技术有限责任公司
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com