Unlock instant, AI-driven research and patent intelligence for your innovation.
Program identification method and device based on machine learning
What is Al technical title?
Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
A program identification and machine learning technology, applied in the computer field, can solve problems such as lag and low efficiency in identifying malicious programs, and achieve the effect of improving identification efficiency and saving manpower
Active Publication Date: 2014-03-12
360 TECH GRP CO LTD
View PDF2 Cites 0 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
[0004] The embodiment of the present application provides a program identification method and device based on machine learning to solve the problem of low efficiency and lag in identifying malicious programs in the prior art
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
no. 1 example
[0055] see figure 1 , a flow chart of the first embodiment of generating a model for identifying program types for this application:
[0056] Step 101: Input the extracted mass programs, the mass programs include malicious programs and non-malicious programs.
[0057] Step 102: Extract features from each input program, and classify the extracted features.
[0058] Specifically, analyze each program file, extract predefined features from the program file, generate feature vectors according to the extracted features, and the black and white attributes of each feature vector, and compile and generate corresponding The program's compiler type.
[0059]Step 103: According to the result of the classification, different types of features are trained using different decision machines to generate a training model or a training model set for identifying malicious programs.
[0060] Wherein, different decision machines use the same or different methods to train the features, including...
no. 2 example
[0061] see Figure 2A , the flow chart of the second embodiment of generating a model for identifying program types for this application:
[0062] Step 201: Input the extracted mass programs, the mass programs include malicious programs and non-malicious programs.
[0063] Step 202: Analyze each program file, and extract predefined features from the program file.
[0064] Step 203: Generate feature vectors according to the extracted features, and the black and white attributes of each feature vector.
[0065] Different feature categories contain different numbers of specific features. Taking the feature category of compilers as an example, the specific features of compilers that can be included are: VC4, VC5, VC6, VC7, VC8, Delphi, and BC. In the embodiment of the present application, a classification identifier can be assigned to each feature classification, for example, the classification identifier of the compiler is "1", and for each specific compiler feature, a feature ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
PUM
Login to View More
Abstract
The embodiment of the invention discloses a program identification method and device based on machine learning. The method comprises the following steps of: analyzing input unknown programs and extracting characteristics of the unknown programs; classifying the unknown programs according to the extracted characteristics; inputting the unknown programs into a generated training model and a corresponding decision-making machine for judging according to a classification result; outputting an identification result of the unknown programs, wherein the identification result is a malicious program or a non-malicious program. According to the invention, a machine learning technology is adopted to analyze a large quantity of program samples to obtain a model for indentifying the malicious programs; with the adoption of the model, a lot of labor power can be saved and the identification efficiency for the malicious programs is improved; on the basis of carrying out data mining on mass programs, inherent laws of the programs can be found out and nonevent malicious programs can be prevented, thereby preventing the malicious program from being not killed.
Description
technical field [0001] The present application relates to the field of computer technology, in particular to a method and device for program recognition based on machine learning. Background technique [0002] Malicious programs are a special class of programs, they usually sneak into the user's computer system without the user's knowledge and authorization, and attack the user's system in an improved manner. Malicious programs may include viruses, backdoor programs, Trojan horse programs, macro viruses, boot sector viruses, script viruses, and the like. Before checking and killing malicious viruses, the malicious program must first be identified. Taking checking and killing viruses as an example, in the prior art, the checking and killing is mainly carried out through character string signatures and simple manual summaries, and the viruses that are checked and killed are all already It is difficult to detect and kill new viruses. [0003] In the process of researching the...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to View More 
Login to View More