Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

System and method for searching and killing malicious codes based on expandable mode

A malicious code and extended mode technology, applied in the fields of instruments, digital data processing, computer security devices, etc., can solve problems such as deficiencies, and achieve the effects of easy addition and deletion, easy disposal and killing, and easy maintenance.

Active Publication Date: 2012-12-05
BEIJING ANTIY NETWORK SAFETY TECH CO LTD
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention provides a system and method for checking and killing malicious codes based on an extensible mode, which solves the deficiency and hysteresis of the current general checking and killing methods for malicious codes

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System and method for searching and killing malicious codes based on expandable mode
  • System and method for searching and killing malicious codes based on expandable mode
  • System and method for searching and killing malicious codes based on expandable mode

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0083] =| = | =| =| =

[0084] value:

[0085] 01. Full file path

[0086] value:

[0087] 01. FullFile / / full file

[0088] 02. FullPE / / full PE

[0089] 03. MZHeader / / Dos header and Dos body

[0090] 04. PEHeader / / PE head to PE tail

[0091] 05. AddressOfEntryPoit / / entry point

[0092] / / If Offset is +: then the entry point to the end of the file. If Offset is -: then the file starts to the entry point

[0093] 06. Import / / import table

[0094] 07. Export / / Export table

[0095] 08. Resource / / Resource section

[0096] 09. Section / / Each section When it is Section, Offset is: which section_offset, for example: =

[0097] 10. LastSection / / The last section

[0098] 11. PEAttach / / PE additional information

[0099] Value: Prefix + - Required. If Offset is 0, the head offset is +0 and the tail offset is -0

[0100] 01. + / / offset from the beginning

[0101] 02. - / / Tail start offset

[0102] Value: If not t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a system for searching and killing malicious codes based on an expandable mode. The system comprises a function component, a script component and an engine object, wherein the function component comprises a function module for implementing a malicious code processing strategy and supplies a lead-out interface for the function module; the script component comprises a processing script for implementing the malicious code processing strategy and supplies a calling interface for the processing script; the processing script calls the processing strategy corresponding to the function module through the lead-out interface of the function component; and the engine object manages and schedules the function component and the script component, executes the processing script in the script component, implements the malicious code processing strategy and finish searching and killing of the malicious codes. The invention also discloses a method for searching and killing the malicious codes based on the expandable mode. By the method and the system, according to the popular malicious codes of new varieties or new families, a searching and killing scheme can be formed at the first time and is easy to add, delete, expand and maintain; extra development and manual expense are avoided; and processing, searching and killing for the malicious codes are greatly facilitated.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a system and method for checking and killing malicious codes based on an extensible pattern. Background technique [0002] With the release of a large number of malicious code source codes, the increasing "popularity" of automatic virus generators, and malicious remote control software and some hacking tools, it is easier to get started and operate the production and use of malicious codes, and the technical threshold is getting higher and higher. In addition, the underground economic operation of malicious codes is becoming more and more "mature", so that malicious code technology no longer belongs to the private sector, but tends to develop in the direction of "professional technical teams"; illegal malicious code development and training websites on the Internet charge less and more Promoted the proliferation of malicious code. Based on the above reasons, there a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/22G06F9/44
Inventor 李柏松宋兵
Owner BEIJING ANTIY NETWORK SAFETY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products