Spyware Adaptive Induction and Detection Method Based on Computer Immunity

A detection method in the field of computer technology, applied to information security, that addresses problems such as false negatives.

Active Publication Date: 2016-08-31
THE 28TH RES INST OF CHINA ELECTRONICS TECH GROUP CORP

AI Technical Summary

Problems solved by technology

However, when detecting latent spyware, these methods are also prone to false negatives because they cannot generate significant red flags.
[0013] In general, existing behavior-based detection methods offer self-adaptation, low false-alarm rates and anti-latency capability to varying degrees, but no method has all three characteristics at the same time.


Embodiment Construction

[0065] The technical method of the present invention will be described in detail below in conjunction with the accompanying drawings. The implementation process of the spyware adaptive induction and detection method and system based on computer immunity is mainly divided into five steps, and the specific implementation scheme of each step is as follows:

[0066] 1. System Behavior Perception

[0067] Although spyware keeps a low profile, it is bound to perform certain behaviors in order to make a profit. The perception of these behaviors is the starting point for the computer's immune system to detect insidious spyware. The inherent behavior of spyware falls into three main categories:

[0068] 1) Hide appearance behavior

[0069] Spyware usually hides its own existence, which is mainly realized by hiding its own files, processes and related registry entries (used for the self-starting of spyware). Because normal applications rarely exhibit this behavior, when this behavior occurs, it ca...


Abstract

The invention introduces into an artificial immune system (AIS) the principle by which natural killer (NK) cells in the human immune system induce latent viruses, and provides an artificial immune method based on artificial NK cells for self-adaptively discovering latent spyware. In the system, artificial NK cells can self-adaptively discover traces of unknown spyware through learning and evolution, and release 'baits' (induction factors) that interest the spyware and induce it to perform malicious activities. The immune system can finally identify the spyware by sensing and correlating the activated malicious activities, so that the detection rate for spyware is increased. With this method, known and unknown spyware can be discovered, and a good detection effect on highly disguised spyware can be achieved.
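An added sketch of the induce-then-correlate idea in the abstract, not code from the patent: a bait is released, and a process is reported only when its induced activity coincides with another sensed behavior. The events are constructed, the 60-second window is an assumption, and the event kinds `bait_read` and `net_send` are assumed names (only hiding behavior is named on the page).

```python
from collections import defaultdict

# Constructed sample events (not from the patent): (time_s, pid, kind, detail).
# "hide" is the behaviour category the page names; "bait_read" and "net_send"
# are assumed event kinds standing in for the induced activity.
EVENTS = [
    (10, 0, "bait_release", "bait/passwords.txt"),
    (12, 412, "hide", "autostart registry entry hidden"),
    (15, 977, "bait_read", "bait/passwords.txt"),   # e.g. a benign indexer
    (18, 412, "bait_read", "bait/passwords.txt"),
    (21, 412, "net_send", "outbound transfer after bait read"),
    (400, 530, "net_send", "unrelated upload"),
]

WINDOW_S = 60  # assumed correlation window after a bait is released


def correlate(events, window=WINDOW_S):
    """Return {pid: sorted behaviour kinds} for processes whose induced
    activity (reading a released bait inside the window) coincides with at
    least one other sensed behaviour. A single signal is never enough."""
    released = {}             # bait path -> release time
    induced = set()           # pids that took a bait inside the window
    seen = defaultdict(set)   # pid -> behaviour kinds observed
    for t, pid, kind, detail in sorted(events):
        if kind == "bait_release":
            released[detail] = t
            continue
        if kind == "bait_read":
            t0 = released.get(detail)
            if t0 is None or not (t0 <= t <= t0 + window):
                continue      # not a bait, or read outside the window
            induced.add(pid)
        seen[pid].add(kind)
    return {pid: sorted(seen[pid]) for pid in induced if len(seen[pid]) >= 2}


if __name__ == "__main__":
    for pid, kinds in correlate(EVENTS).items():
        print(f"pid {pid}: correlated behaviours {kinds}")
```

Requiring two correlated signals is what keeps pid 977, which only read the bait, out of the result.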

Description

Technical field

[0001] The invention belongs to the technical field of information security, and relates to a method for self-adaptive induction and detection of spyware based on computer immunity.

Background technique

[0002] From a prank at the beginning, to an accomplice of cybercrime, to a secret weapon of cyber warfare, malware has never stopped evolving in terms of purpose, concealment and complexity. In recent years, with the popularization of Internet applications, a kind of malicious software whose purpose is to steal valuable information, spyware, is becoming the number one threat to government, enterprise and personal information assets.

[0003] Unlike traditional malicious software such as viruses and worms, which wreak havoc with great fanfare, the purpose of spyware is not to destroy computer systems or spread in the network, but to steal private or confidential information in computers to bring benefits to hackers or intelligence agencies. A typical ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/56, G06N3/00
CPC: G06F21/566, G06N3/126
Inventor: 傅军, 杨欢, 芮平亮, 杨怡, 蒋飞
Owner: THE 28TH RES INST OF CHINA ELECTRONICS TECH GROUP CORP