Method and system for detecting malicious codes based on uniform resource locator

A malicious code detection and resource locator technology, which is applied in the fields of instruments, electrical digital data processing, computer security devices, etc., to achieve the effect of simple use, good detection rate, and improved detection rate

Active Publication Date: 2012-12-26
HARBIN ANTIY TECH
View PDF2 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of the above deficiencies, the present invention provides a method and system for detecting malicious codes based on uniform resource locators, which solves the deficiencies and limitations of current anti-virus software feature code matching and URL filtering, and greatly improves the detection of malicious Trojans. out rate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting malicious codes based on uniform resource locator
  • Method and system for detecting malicious codes based on uniform resource locator
  • Method and system for detecting malicious codes based on uniform resource locator

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the present invention more obvious and easy to understand, the technical solutions in the present invention will be further detailed below in conjunction with the accompanying drawings illustrate.

[0047] like figure 1 As shown, a method for extracting malicious code signatures based on uniform resource locators is provided, including:

[0048] S101: Put the malicious code of the same family into a simulation system (virtual machine or honeypot, including an environment that provides a trigger for normal operation of the malicious code) that simulates the user environment to run.

[0049] S102: The network communication data generated after the malicious code runs is captured and analyzed by a network protocol analysis tool, and the URL data therein is collected. The ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method for detecting malicious codes based on a uniform resource locator. The method comprises the following steps of: monitoring a computer operating system and acquiring URL (uniform resource locator) of an access network of the system; acquiring Query domain information of the URL through analyzing the URL; carrying out pattern-matching for the Query domain information and the characteristic data pre-stored in the Query domain virus feature base; if the matching is successful, judging that the malicious codes exist, and carrying out corresponding treatment according to the preset operation; or else, continuing monitoring. The invention provides a system for detecting the malicious codes based on the uniform resource locator. The method and the system for detecting the malicious codes based on the uniform resource locator have a simple use manner, do not use huge virus characteristic data and have good detection rate for the malicious codes of stealing ID.

Description

technical field [0001] The invention relates to the technical field of computer network security, in particular to a URL (Uniform Resource Locator, uniform resource locator)-based Trojan horse detection method and system. Background technique [0002] With the widespread popularity of the Internet, people's activities on the Internet are increasing day by day, and protecting virtual property in the network world has become one of the main tasks of anti-virus software. At present, the main detection method of anti-virus software is signature matching. Virus manufacturers need to continuously upgrade virus signature databases to fight against the constantly updated Trojan horse programs of network hackers. At this stage, many hackers who do not know how to write programs can buy ready-made Trojan horse programs. Some large software protection organizations or individuals have launched a lot of encrypted protection shells to protect software intellectual property rights and oth...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00
Inventor 刘佳男苏培旺胡星儒李柏松童志明张栗伟
Owner HARBIN ANTIY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap