Fuzzy hashing algorithm-based malicious code detection system and method

A malicious code detection and fuzzy hash technology, applied in the field of malicious code detection, can solve problems such as poor detection effect and network bandwidth occupation, and achieve the effect of prolonging transmission time and improving technical effect.

Inactive Publication Date: 2012-12-05
BEIJING ANTIY NETWORK SAFETY TECH CO LTD
View PDF4 Cites 60 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0017] The present invention uses the fuzzy hash algorithm in the cooperative detection of malicious codes by the client softwar...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Fuzzy hashing algorithm-based malicious code detection system and method
  • Fuzzy hashing algorithm-based malicious code detection system and method
  • Fuzzy hashing algorithm-based malicious code detection system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the present invention more obvious and easy to understand, the technical solutions in the present invention will be further detailed below in conjunction with the accompanying drawings illustrate.

[0055] Such as figure 1 As shown, it is a schematic diagram of the malicious code detection system based on the fuzzy hash algorithm of the present invention, including:

[0056] Client 101 and cloud server 102, wherein, client 101 is used for calculating the fuzzy hash value of object to be detected, and transmits to cloud server 102, waits for cloud server 102 to return judgment result, thinks that described object to be detected is malicious code or It is considered that the object to be detected is not malicious code or that the object to be detected needs further judgme...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a fuzzy hashing algorithm-based malicious code detection system and a fuzzy hashing algorithm-based malicious code detection method. The system consists of a client and a cloud server. The client calculates a fuzzy hash value of an object to be detected, and transmits the fuzzy hash value to the cloud server. The cloud server compares the fuzzy hash value with fuzzy hash values of known normal files, and determines that the object to be detected is a normal file if one of obtained similarities is higher than a white list threshold value. The cloud server compares the fuzzy hash value with fuzzy hash values of known malicious codes, and determines that the object to be detected is a malicious code if one of obtained similarities is higher than a blacklist threshold value. The client transmits back the whole object to be detected under other conditions, and the object to be detected is further detected by adopting the conventional cloud searching and killing method. Compared with the conventional cloud-based malicious code detection technology, the method and the system have the technical effects of larger data transmission size, lower network resource consumption and better malicious code detection effect.

Description

technical field [0001] The invention relates to a malicious code detection technology, in particular to a system and method for cooperatively detecting malicious codes by client software and a cloud server using a fuzzy hash algorithm. Background technique [0002] Malicious code is one of the most serious threats in information security. How to detect malicious code efficiently and with high quality is a core issue in this field. [0003] In recent years, tens of thousands of malicious code samples appear every day, which brings about the growth of the number of features required to detect malicious code and the increase of required hardware resources. Traditional antivirus software stores the signature database on the client, and uses the client to directly detect, occupying and consuming the disk space and computing resources of the user's computer, and there is a problem of signature database upgrade. Therefore, at present, most anti-virus vendors have launched malicio...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/26
Inventor 肖梓航李柏松肖新光
Owner BEIJING ANTIY NETWORK SAFETY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap