Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Malicious program detection method

A malicious program and detection method technology, applied in the field of network security, can solve problems such as the difficulty of determination, the difficulty of killing or cleaning malicious programs, etc.

Active Publication Date: 2017-12-29
BEIJING QIHOO TECH CO LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] In addition, in recent years, with the application of anti-killing technology by malicious program creators, more and more methods have appeared by packing malicious programs or modifying the signature codes of the malicious programs; and many Trojan horse programs have adopted more and more Frequent and rapid automatic transformations make it more and more difficult to judge malicious programs based on malicious behavior and / or malicious characteristics, thus causing difficulty in killing or cleaning malicious programs

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious program detection method
  • Malicious program detection method
  • Malicious program detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The implementation of the present invention will be described in detail below in conjunction with the drawings and examples, so that the realization process of how to use technical means to solve technical problems and achieve technical effects in the present invention can be fully understood and implemented accordingly.

[0029] The core idea of ​​the present invention is: the server-side database establishes a whitelist of legal programs and collects and updates them; The characteristics and / or program behaviors are analyzed and compared in the white list, and the program is judged according to the comparison result and fed back to the client.

[0030] The white list detection method for malicious programs in the cloud security mode composed of a large number of client computers 102 -servers 104 will be described below. A cloud fabric is a large client / server (CS) architecture such as figure 1 Shown is a schematic diagram of the implementation mode of the present inv...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a malicious program detection method, comprising: establishing a whitelist of legitimate programs in a database on a server side and collecting and updating; a client side collects program features and / or program behaviors of a program and sends them to the server side for query; The server performs analysis and comparison in the whitelist according to the program characteristics and / or program behavior, and judges the validity or trust value of the program according to the comparison result and feeds it back to the client. The present invention judges legitimate programs by using the white list, thereby judging illegal programs that do not belong to the category of the white list as malicious programs, and determining and killing malicious programs from another perspective.

Description

[0001] The patent application of the present invention is a divisional application of the Chinese invention patent application with the application date of August 18, 2010, the application number 201010256973.3, and the title "A Method for Malicious Program Detection Based on White List". technical field [0002] The invention belongs to the field of network security, and in particular relates to a malicious program detection method. Background technique [0003] Traditional anti-malware programs mainly rely on the signature database mode. The signature library is composed of the signature codes of malicious program samples collected by the manufacturer, and the signature code is the difference between the malicious program and the legitimate software that the analysis engineer finds, and intercepts a piece of program code similar to the "search keyword". During the killing process, the engine will read the file and match it with all the signature “keywords” in the signature...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08G06F21/56
Inventor 周鸿祎齐向东
Owner BEIJING QIHOO TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com