Universal vulnerability detection method and system based on script virtual machine

A general-purpose detection and virtual machine technology, applied in computer security devices, instruments, electrical digital data processing, etc., can solve problems such as difficulty in detection, inability to detect unknown loopholes, 0day loopholes, etc., to improve the detection rate and improve the general recognition effect. Effect

Active Publication Date: 2011-05-04
BEIJING ANTIY NETWORK SAFETY TECH CO LTD
View PDF3 Cites 27 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] As webpage Trojan horse scripts are exploited according to script vulnerabilities to become the mainstream means of Internet virus transmission, the number of attack scripts using browser and system vulnerabilities continues to increase. Due to the change of a string and encryption, it will produce completely different binary data. Self-encryption and self-transformation are very easy. Nowadays, the Trojan horse scripts on the Internet usually use deformation and encryption methods. Compared with traditional PE (Portable Executable, portable executable file) format viruses, they are more diverse and easier to detect. more difficult
At the same time, because the location of the vulnerability exploited by the unknown vulnerability and the 0day vulnerability and the calling method used are unknown, the existing technology cannot detect the unknown vulnerability or the 0day vulnerability based on the known feature matching method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Universal vulnerability detection method and system based on script virtual machine
  • Universal vulnerability detection method and system based on script virtual machine
  • Universal vulnerability detection method and system based on script virtual machine

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the present invention more obvious and easy to understand, the technical solutions in the present invention will be further detailed below in conjunction with the accompanying drawings illustrate.

[0034] The present invention provides a general vulnerability detection method and system based on a script virtual machine. The method and system can greatly improve the detection rate of known vulnerability scripts, and have a good general identification effect on 0day vulnerabilities and unknown vulnerabilities.

[0035] Firstly, the general detection method for loopholes based on the script virtual machine provided by the present invention is introduced, and the specific implementation steps are as follows: figure 1 shown, including:

[0036] S101. Parse the webpage file...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a universal vulnerability detection method based on a script virtual machine, which comprises the following steps of: analyzing a web page file, and obtaining all JS (Java script) script programs contained in the web page file; taking all the JS script programs as input for forming a word linked list; taking the word linked list as the input, and using the script virtual machine to implement the JS script programs in the word linked list; and detecting whether malicious codes are contained in the JS script programs or not and whether the JS script programs utilize known vulnerabilities or not during the process of implementing the JS scrip programs. The invention further discloses a universal vulnerability detection device based on the script virtual machine, which can greatly improve the detection rate of known vulnerability scripts, has great universal identification effect for 0day and the unknown vulnerabilities, and can provide fast support for capturing the unknown vulnerabilities immediately.

Description

technical field [0001] The invention relates to the technical field of computer network security, in particular to a general detection method and system for loopholes based on a script virtual machine. Background technique [0002] As web page Trojan horse scripts are exploited according to script vulnerabilities to become the mainstream means of Internet virus transmission, the number of attack scripts using browser and system vulnerabilities continues to increase. Due to the change of a string and encryption, it will produce completely different binary data. Self-encryption and self-transformation are very easy. Nowadays, the Trojan horse scripts on the Internet usually use deformation and encryption methods. Compared with traditional PE (Portable Executable, portable executable file) format viruses, they are more diverse and easier to detect. more difficult. At the same time, since the location of the vulnerability exploited by the unknown vulnerability and the 0day vuln...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00G06F21/57
Inventor 康学斌李石磊肖新光
Owner BEIJING ANTIY NETWORK SAFETY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap