Software behavior credibility detecting method based on state transition diagram

A state transition diagram and detection method technology, applied in the field of information security, can solve problems such as complex models, low practicability, and overall security detection of difficult target software, and achieve real-time monitoring, simple operation, and clear layers

Active Publication Date: 2012-11-07
BEIJING UNIV OF TECH
View PDF2 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] These detection methods often only focus on abnormalities under the established behavior regulations, lack of systematic software behavior detection mechanism, it is difficult to detect the overall security of the target software, it is impossible to monitor the software behavior in real time, and it is even more difficult to locate the occurrence time and location of the abnormality. reason
Moreover, there are many factors of concern, the model is complex, and the practicability is not high

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software behavior credibility detecting method based on state transition diagram
  • Software behavior credibility detecting method based on state transition diagram
  • Software behavior credibility detecting method based on state transition diagram

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] Attached below figure 1 Specifically introduce the steps of the implementation method of the present invention:

[0039] See attached figure 1 , the invention is a software behavior credibility detection scheme based on a state transition diagram. The detection system is divided into five modules: 1. Data preprocessing module, 2. State diagram training module, 3. Behavior detection module, 4. Real-time monitoring module, 5. Abnormal alarm module. The detection process is as follows:

[0040] First, the data preprocessing module intercepts the system calls of the running software, digitizes them, and then uses the hidden horse model to transform the system call sequence into a state sequence of multiple call combinations.

[0041] Then the state sequence is sent to the behavior detection module, and the state sequence is grouped into a state graph, for example, a string of state sequences 1343452134345313445134345134345134345134345, the process of building a graph is a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a software behavior credibility detecting method based on a diagram. A detecting system is divided into five modules including a data preprocessing module, a state diagram training module, a behavior detecting module, a real-time monitoring module and an abnormal warning module, wherein the data preprocessing module is in charge of processing preliminary data; the state diagram training module is used for training a normal behavior base; the behavior detecting module is in charge of detecting behaviors according to the built diagram, and the detection module is divided into two layers, the first layer is used for detecting states and paths, and the second layer is mainly used for detecting weights; the real-time monitoring module dynamically stores detection results in a log mode; and the abnormal warning module warns when the detecting module detects abnormal conditions, and stops running software. A detecting model can monitor software behaviors in real time, and detects behaviors which do not belong to the software, aggressive behaviors and illegal input.

Description

Technical field: [0001] The invention aims to establish a software behavior credibility detection model to ensure behavior safety, and belongs to the field of information security. Background technique: [0002] Software is essentially a tool that replaces people to perform certain actions, and the credibility of software is mainly reflected in the credibility of its behavior. Professor Qu Yanwen believes that the credibility of software behavior refers to a statistical characteristic of whether software is running as a subject, relying on its own functions to use, operate, or historical records of objects to reflect whether it violates regulations, exceeds authority, and exceeds the scope. That is to say, a trusted software should be software whose behavior and results can be expected, and the behavior status during runtime can be monitored. [0003] Existing types of behavioral trustworthiness detection generally include trustworthiness evaluation, risk assessment, situat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36G06F9/44
Inventor 赖英旭张文雯杨震刘静李健
Owner BEIJING UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap