Malicious code type detection method based on cloud mode

A malicious code and detection method technology, which is applied in the field of malicious code category detection based on cloud mode, can solve the problems of high dependence on network speed, decreased detection and killing efficiency, and inability to deal with it, so as to achieve high efficiency, avoid repeated detection, slow down the effect of expansion

Inactive Publication Date: 2012-09-12
HUAZHONG UNIV OF SCI & TECH
View PDF5 Cites 41 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] However, according to Moore's theorem, the processing performance of computers doubles every eighteen months, and the total number of malicious programs doubles every ten to twelve months (even with a faster trend). It will expand rapidly, and the cloud will not be able to handle it in t...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious code type detection method based on cloud mode
  • Malicious code type detection method based on cloud mode
  • Malicious code type detection method based on cloud mode

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] The present invention will be further described in detail below in conjunction with the accompanying drawings.

[0038] like figure 1 As shown, the client intercepts the running of the program; the unique identification code database judges the uploaded unique identification code; the classification database judges the uploaded characteristic documents; the analysis center analyzes and judges the unknown program.

[0039] In the cloud mode, the client intercepts the running of the program. If it is a known program, it will directly judge whether the program is a malicious program; if it is an unknown program, it will extract the feature file of the unknown program through dynamic analysis, and upload it together with the unique identification code to On the cloud, if the identification code is hit on the cloud, the result will be returned directly. If it is still not hit, the feature document will be converted into a feature set for classification detection. If the clas...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a malicious code type detection method based on a cloud mode. The method comprises the following steps that: a cloud terminal carries out processing and analysis on a malicious code family to generate an initial classification database, generates a representative feature set for each category of malicious code family in the initial classification database, an access or execution operation of a program is intercepted at a client, an only identity value of the intercepted program is calculated, whether the only identity value exists in a local database or not is determined, if not, a specific feature document of the intercepted program is extracted, the only identity value and a specific feature document of the intercepted program is uploaded to the cloud terminal by the client, whether the only identity value exists in a cloud terminal database or whether the feature document belongs to a classification is determined, a final determination result is returned to the client, and the only identity value and the final determination result are written into the cloud terminal database and a client database respectively. According to the method, the rapid expansion of a feature library can be slowed down, the upload of suspicious programs is reduced, and the killing prevention efficiency of cloud security is raised.

Description

technical field [0001] The invention belongs to the field of cloud computing and computer system security, and in particular relates to a method for detecting malicious code categories based on a cloud mode. Background technique [0002] With the rapid development of computer technology and network applications, people rely more and more on information technology, and computer security is becoming more and more important and popular. In the face of endless security problems and explosive growth of malicious code, it is necessary to continuously improve and improve technology. To achieve timely and accurate interception and killing. [0003] Traditional malware detection and killing mainly rely on signature matching patterns. Signature code is a piece of program code extracted from malicious code by analysis engineers, which can distinguish the difference from normal code. During the killing process, the antivirus engine will read the program code and match all the signatur...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08G06F21/00G06F21/56
Inventor 金海罗云峰邹德清羌卫中
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap