Malicious code detection method and system based on plurality of URLs (Uniform Resource Locator)

A malicious code detection technology, applied in the field of computer network security, that achieves the effect of improving the detection rate.

Active Publication Date: 2012-11-28
BEIJING ANTIY NETWORK SAFETY TECH CO LTD

AI Technical Summary

Problems solved by technology

[0005] The present invention provides a method and device for detecting malicious code based on multiple URLs, which solves the deficiencies and limitations of current anti-virus software feature code matching and URL filtering, and greatly improves the detection rate of malicious Trojan horse programs.



Examples


Embodiment Construction

[0049] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the present invention more obvious and easy to understand, the technical solutions of the present invention are described in further detail below with reference to the accompanying drawings.

[0050] The present invention proposes a malicious code detection method based on multiple URLs. As shown in Figure 1, the method comprises the following steps:

[0051] S101. Capture network communication data packets: capture all network data packets within a specified time period. A packet capture tool such as pcap can be used, or a custom program can be written to capture the network packets.

[0052] S102. Analyze the data packets and extract the URLs in them; the specific steps are as shown in Figure 2...


Abstract

The invention discloses a malicious code detection method based on a plurality of URLs (Uniform Resource Locators), comprising the following steps: capturing all network communication data packets within a specified time period; sequentially analyzing all the network communication data packets and extracting the URL in each data packet; carrying out formalization treatment on all the extracted URLs; matching the URLs that have been subjected to the formalization treatment, as the URLs to be detected, against a characteristic database; and, if the matching is successful, carrying out matching against a data model base, determining the threat type and outputting the corresponding detection result. The invention further discloses a malicious code detection device based on the plurality of URLs. The malicious code detection method and system disclosed by the invention overcome the disadvantages and limitations of current anti-virus software characteristic code matching and URL filtering, and greatly improve the detection rate of malicious Trojan programs.
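The pipeline from the abstract, sketched as an added example (not code from the patent or its owner). It starts from already-captured HTTP request payloads rather than live capture. Everything concrete is an assumption: the sample payloads, the `.test` hostnames, the feature and model tables, the reading of "formalization treatment" as URL normalization, and the reading of the data model base as sets of feature ids that must all be seen in one capture window.

```python
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample: HTTP request payloads reassembled from one capture window.
CAPTURED = [
    b"GET /gate.php?id=4821&os=XP HTTP/1.1\r\nHost: Update.Example-C2.test:80\r\n\r\n",
    b"GET /index.html HTTP/1.1\r\nHost: www.example.org\r\n\r\n",
    b"POST /up/%6Cog.php?sid=99 HTTP/1.1\r\nHost: update.example-c2.test\r\n\r\n",
    b"\x16\x03\x01\x00\xa5",  # non-HTTP payload (TLS record header), must be skipped
]

# Hypothetical characteristic database: normalized URL -> feature id.
FEATURE_DB = {
    "update.example-c2.test/gate.php?id=*&os=*": "F1",
    "update.example-c2.test/up/log.php?sid=*": "F2",
    "cdn.example-drop.test/a.exe": "F3",
}
# Hypothetical data model base: threat type -> feature ids that must all appear.
MODEL_DB = {"Trojan.Stealer (constructed)": {"F1", "F2"},
            "Downloader (constructed)": {"F1", "F3"}}

def extract_url(payload):
    """Return the URL of an HTTP request payload, or None if it is not HTTP."""
    head = payload.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    parts = head[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None
    hosts = [l.split(":", 1)[1].strip() for l in head[1:] if l.lower().startswith("host:")]
    return "http://" + hosts[0] + parts[1] if hosts else None

def normalize(url):
    """Lower-case host, drop default port, decode the path, wildcard query values."""
    u = urlsplit(url)
    host = u.hostname or ""
    if u.port not in (None, 80):
        host += ":%d" % u.port
    pairs = sorted(parse_qsl(u.query, keep_blank_values=True))
    query = "&".join(k + "=*" for k, _ in pairs)
    return host + unquote(u.path) + ("?" + query if query else "")

def detect(payloads):
    """Return (matched feature ids, threat types whose model is fully satisfied)."""
    urls = {normalize(u) for u in map(extract_url, payloads) if u}
    hits = {FEATURE_DB[u] for u in urls if u in FEATURE_DB}
    threats = sorted(t for t, need in MODEL_DB.items() if need <= hits)
    return hits, threats

if __name__ == "__main__":
    print(detect(CAPTURED))
```

With only the first payload in the window, `detect` returns the feature hit `F1` but no threat type, which is the difference between single-URL filtering and matching a combination of URLs.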

Description

Technical field

[0001] The invention relates to the technical field of computer network security, in particular to a malicious code detection method and system based on multiple URLs (Uniform Resource Locators).

Background technique

[0002] With the rapid development of the Internet in China, the number of Chinese Internet users reached 485 million as of the end of June 2011. The Internet underground economic industry chain has also continued to grow and develop, gradually evolving from the original single-chain structure into a system architecture of a certain scale. Malicious code has evolved from initially infecting and destroying user systems to stealing the virtual and real property and private information of individual or corporate users, tampering with information, illegally controlling user systems, and so on; its purpose is to obtain huge profits through illegal means.

[0003] In order to protect the interests of the majority of netizens from infringement, anti-virus manufacturers and relevan...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/08, G06F21/00
Inventor: 胡星儒, 李柏松
Owner: BEIJING ANTIY NETWORK SAFETY TECH CO LTD