A method and device for actively defending against malicious programs

An active defense technology against malicious programs, applied in the field of computer security. It addresses the low effectiveness of existing active defense, the loss of efficiency when active defense is applied broadly, and the constraint that the defense level cannot be set too high, so as to achieve effective active defense.

Active Publication Date: 2016-07-13
北京鸿享技术服务有限公司

AI Technical Summary

Problems solved by technology

[0005] However, because active defense is more likely to generate false positives than traditional signature-database scanning and removal, the level of active defense applied to all program behaviors should not be too high. Moreover, if high-level active defense is applied to the behavior of all programs, the efficiency of active defense is also reduced. However, if the general level of active defense is low, some malicious programs can take advantage of it. Therefore, the effectiveness of existing active defense is low.

Embodiment Construction

[0035] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0036] Embodiments of the invention may be applied to computer systems/servers that are operational with numerous other general purpose or special purpose computing system environments or configurations. Examples of well-known computing systems, environments and/or configurations suitable for use with computer systems/servers include, but are not limited to: personal computer systems, server computer systems, thin clients, thick cli...

Abstract

The invention discloses a method, a device and a system for actively defending against malicious programs. The method includes: monitoring the process-creation operations of an unknown program to obtain the command-line parameters with which the created process is executed; analyzing those command-line parameters and determining, at least according to them, whether the created process is a decompression process; and, if so, notifying a driver to record the information generated by the decompression process in a first database and performing active defense monitoring on that information. The invention also discloses a device and a system for defending against malicious programs.
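The flow in the abstract, modelled in user mode as an added example that is not code from the patent: classify a created process as a decompression process from its command line, record the files it writes in a "first database", and apply stricter monitoring only to those files. The archiver table, the `ActiveDefense` class, its callback names and the two-level policy are assumptions, and the sample events are constructed.

```python
import ntpath
import shlex

# Assumed archiver table (the patent names no tools): image -> extract sub-commands.
EXTRACT_VERBS = {"7z.exe": {"x", "e"}, "7za.exe": {"x", "e"},
                 "winrar.exe": {"x", "e"}, "rar.exe": {"x", "e"}}
UNZIP_NON_EXTRACT = {"-l", "-t", "-v", "-z", "-Z"}  # unzip list/test/info modes


def is_decompression(cmdline):
    """Decide from the command line alone whether a created process extracts an archive."""
    # posix=False keeps Windows backslashes intact; quotes are stripped afterwards.
    argv = [a.strip('"') for a in shlex.split(cmdline, posix=False)]
    if not argv:
        return False
    image, args = ntpath.basename(argv[0]).lower(), argv[1:]
    if image in EXTRACT_VERBS:
        return bool(args) and args[0].lower() in EXTRACT_VERBS[image]
    if image == "unzip.exe":
        return bool(args) and not UNZIP_NON_EXTRACT.intersection(args)
    return False


class ActiveDefense:
    """User-mode model of the flow; a real driver would supply the two event callbacks."""

    def __init__(self):
        self.extractor_pids = set()   # processes classified as decompression
        self.first_db = set()         # files written by those processes

    def on_process_create(self, pid, cmdline):
        if is_decompression(cmdline):
            self.extractor_pids.add(pid)

    def on_file_write(self, pid, path):
        if pid in self.extractor_pids:
            self.first_db.add(ntpath.normcase(path))

    def defense_level(self, image_path):
        # Assumed policy: stricter monitoring only for files that came out of an archive.
        return "high" if ntpath.normcase(image_path) in self.first_db else "normal"


# Constructed sample events, not taken from the patent.
SAMPLE_CMDLINES = [
    (101, r'"C:\Program Files\7-Zip\7z.exe" x C:\dl\pkg.zip -oC:\dl\pkg'),
    (102, r'"C:\Program Files\7-Zip\7z.exe" l C:\dl\pkg.zip'),
    (103, r'C:\Windows\notepad.exe C:\dl\readme.txt'),
]
```

Keying the stricter level on provenance keeps the false-positive cost of high-level monitoring confined to files that arrived inside an archive, which is the trade-off paragraph [0005] describes.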

Description

Technical field

[0001] The invention relates to the technical field of computer security, in particular to a method, device and system for active defense against malicious programs.

Background technique

[0002] With the widespread use of computer technology in various fields of social life, malicious programs have followed closely behind. Because these malicious programs are infectious, self-replicating and destructive, they have become a major problem plaguing computer use.

[0003] Malicious program is an umbrella term for any software program intentionally created to perform unauthorized and often harmful acts. Computer viruses, backdoor programs, keyloggers, password stealers, Word and Excel macro viruses, boot sector viruses, script viruses (batch, Windows shell, Java, etc.), Trojan horses, crimeware, spyware and adware are all examples of what could be called malicious programs. Take the Trojan horse as an example. The...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/55
Inventor: 张晓霖董杰
Owner: 北京鸿享技术服务有限公司