Spyware self-adaptation induction and detection method based on artificial immunity

A detection method and computer technology, applied in the field of information security, can solve problems such as false positives

Active Publication Date: 2014-02-19
THE 28TH RES INST OF CHINA ELECTRONICS TECH GROUP CORP
View PDF4 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, when detecting latent spyware, these methods are also prone to false negatives because they cannot generate significant red flags.
[0013] In general, the existing behavior-based de

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Spyware self-adaptation induction and detection method based on artificial immunity
  • Spyware self-adaptation induction and detection method based on artificial immunity
  • Spyware self-adaptation induction and detection method based on artificial immunity

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0065] The technical method of the present invention will be described in detail below in conjunction with the accompanying drawings. The implementation process of the computer immune-based spyware adaptive induction and detection method and system is mainly divided into 5 steps, and the specific implementation plan of each step is as follows:

[0066] 1. System behavior perception

[0067] Although spyware acts relatively low-key, it will inevitably implement certain behaviors in order to achieve profitability. The perception of these behaviors is the starting point for the computer immune system to discover hidden spyware. The inherent behavior of spyware is mainly divided into the following three categories:

[0068] 1) Hide appearance behavior

[0069] Spyware usually hides its existence, which is mainly achieved by hiding its own files, processes and related registry entries (used for spyware's self-starting). Since normal applications rarely have such behaviors, when this beh...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention introduce the principle that the natural killer (NK) in a human immune system induces a latent virus into an artificial immune system (AIS) and provides an artificial immune method based on artificial NK cells for self-adaptively discovering latent spyware. In the system, artificial NK can self-adaptively discover traces of the unknown spyware through learning and evolution, release some 'baits (induction factors)' which interests the spyware and induces the spyware to perform malice activities. The immune system can finally identify the spyware by sensing and relating the activated malice activities, so that detection rate of the spyware is increased. By the method, known and unknown spyware can be discovered, and good detection effect on highly-disguised spyware can be achieved.

Description

Technical field [0001] The invention belongs to the technical field of information security and invents a spyware adaptive induction and detection method based on computer immunity. Background technique [0002] From the prank at the beginning, to the accomplice of cybercrime, to the secret weapon of cyber warfare, malware has never stopped evolving in terms of purpose, concealment, and complexity. In recent years, with the popularization of Internet applications, a kind of malicious software with the purpose of stealing valuable information-spyware (Spyware) is becoming the number one threat to government, enterprise and personal information assets. [0003] Unlike traditional malicious software such as viruses and worms, which engage in large-scale destruction, the purpose of spyware is not to damage computer systems or spread in the network, but to steal privacy or confidential information from computers to bring benefits to hackers or intelligence agencies. Typical Advanced Pe...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56G06N3/00
CPCG06F21/566G06N3/126
Inventor 傅军杨欢芮平亮杨怡蒋飞
Owner THE 28TH RES INST OF CHINA ELECTRONICS TECH GROUP CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap