Malicious code capturing method and system

A malicious code and source code technology, applied in the field of malicious code capture methods and systems, that addresses problems such as the inability to capture malicious code and the failure to fully consider malicious code, and achieves the effect of improving capture capability and increasing coverage.

Active Publication Date: 2012-12-19
INST OF INFORMATION ENG CAS

AI Technical Summary

Problems solved by technology

[0007] However, the existing honeypot and honeynet technologies have not fully considered the malicious codes spread by social engineering based on the Email network, and have not made use of the above-mentioned social network fea


Embodiment Construction

[0058] The principles and features of the present invention are described below in conjunction with the accompanying drawings, and the examples given are only used to explain the present invention, and are not intended to limit the scope of the present invention.

[0059] The invention adopts the selection and deployment algorithm of the Email terminal virtual honeypot to allocate and optimize the use of virtual honeypot resources. This algorithm (that is, the selection and deployment algorithm of the virtual honeypot of the Email terminal, the same below) abstracts the Email network where the malicious code spreads into a social network weighted directed graph model composed of points and edges with the characteristics of a small-world model (denoted as G=). Among them, the point (denoted as $v_i$) represents an Email account, the edge (denoted as $e_k$) represents the communication mail between Email accounts, and the weight of the edge (denoted as $w(e_k)$) indicates the...


Abstract

The invention relates to a malicious code capturing method and system. The malicious code capturing method includes: acquiring email data from various email data sources; analyzing the email data, recording files that cannot be eliminated according to a set false negative rate as suspicious files, and storing the suspicious files in a suspicious file database; detecting the suspicious files using a malicious code feature database and manual detection; and storing the suspicious files with unusual detection results in a malicious code sample database. The malicious code capturing method and system are applicable to related honeypot and honeynet systems, increase the coverage range of captured objects, and improve the capability of capturing malicious code.
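The capture flow in the abstract, sketched as an added example that is not code from the patent. It assumes attachments are the files of interest, stands in a known-benign hash list for the elimination step (the page does not give the rule tied to the false negative rate), and uses a constructed byte-pattern feature database; all names and sample data are hypothetical.

```python
import hashlib
from email import message_from_bytes, policy
from email.message import EmailMessage

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins: an elimination list and a "malicious code feature database".
KNOWN_BENIGN = {sha256(b"quarterly report, plain text")}
FEATURE_DB = {"sig-demo-001": b"DEMO-MALWARE-MARKER"}  # harmless marker bytes

def build_sample(filename: str, payload: bytes) -> bytes:
    """Build a constructed message as it might arrive at an email data source."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "alice@example.org", "honeypot@example.org"
    msg["Subject"] = "constructed sample"
    msg.set_content("see attachment")
    msg.add_attachment(payload, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()

def extract_attachments(raw: bytes):
    # Parse the raw message and yield (filename, decoded bytes) per attachment.
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        yield part.get_filename(), part.get_payload(decode=True)

def triage(raw_messages):
    """Return (suspicious file db, malicious sample db, manual-detection queue)."""
    suspicious_db, sample_db, manual_queue = {}, {}, []
    for raw in raw_messages:
        for name, data in extract_attachments(raw):
            digest = sha256(data)
            if digest in KNOWN_BENIGN:
                continue  # eliminated: never enters the suspicious file database
            suspicious_db[digest] = name
            hits = [sid for sid, pat in FEATURE_DB.items() if pat in data]
            if hits:
                sample_db[digest] = hits      # feature-database match
            else:
                manual_queue.append(digest)   # left for manual detection
    return suspicious_db, sample_db, manual_queue

SAMPLES = [  # constructed input: one benign, one signature hit, one unknown
    build_sample("report.txt", b"quarterly report, plain text"),
    build_sample("invoice.bin", b"xx DEMO-MALWARE-MARKER yy"),
    build_sample("unknown.bin", b"unrecognised content"),
]

if __name__ == "__main__":
    print(triage(SAMPLES))
```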

Description

Technical field

[0001] The invention relates to the technical field of network information security, in particular to a malicious code capture method and system.

Background technique

[0002] Malicious codes such as network worms, Trojan horses, and botnets emerge in an endless stream, which has brought great harm to network information security. In order to better analyze and detect malicious codes, defenders should first research ways to obtain a large amount of malicious codes in the Internet, and honeypot and honeynet technologies gradually emerged. Honeypot technology means that defenders provide virtual or real hosts, servers, and other intelligent terminals, or simulate related services, to be scanned and invaded by attackers, and thereby achieve the purpose of obtaining relevant malicious codes. A honeynet is a network with a certain topology composed of several interrelated honeypots, which can be regarded as a large-scale distributed honeypot system. Gen...


Application Information

IPC(8): H04L29/06, G06F21/00
Inventor: 云晓春, 李书豪, 张永铮, 臧天宁, 王一鹏
Owner: INST OF INFORMATION ENG CAS