
A Malicious Code Analysis and Detection Method Based on Dynamic Semantic Features

This semantic-feature-based malicious code technology, applied in the field of system security, addresses the problem of being unable to fundamentally reflect the maliciousness of malicious code, and achieves good universality, low detection cost, and accurate analysis and detection.

Active Publication Date: 2017-01-11
INST OF INFORMATION ENG CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

Static analysis uses methods such as disassembly to analyze code features. From the perspective of syntactic features, some malicious code can indeed be detected, but syntax cannot fundamentally reflect the "maliciousness" of malicious code: different syntax can express the same semantics.


Embodiment Construction

[0031] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. It should be understood that the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without making creative efforts belong to the protection scope of the present invention.

[0032] One specific embodiment of the present invention is the following malicious code analysis and detection method based on semantic features, whose steps are:

[0033] 1) Collect code samples needed to build a semantic feature database, and build a virtual environment for dynamically running malicious code;

[0034] 2) Select samples from the samples collected above, make them run in a virtual environment, monitor th...


Abstract

The invention relates to a malicious code analysis and detection method based on dynamic semantic features. The method comprises the following steps: (1) the code to be analyzed and detected in a malicious sample library is run dynamically in a virtual environment, its execution is monitored, and its primitive characteristics are extracted; (2) API name information representing the semantic features of the code is screened out; (3) an API sequence semantic feature set representing the semantic features of the code is established; (4) a semantic feature library of representative semantic features is selected; (5) similarity detection is carried out between the semantic feature set of the code to be detected and the semantic feature library to obtain a detection result, namely, whether the code to be detected is benign or malicious. With this method, different semantic features can be established for different samples, giving good universality; a method for selecting representative features is proposed so that the semantic features of the code are expressed accurately; the analysis and detection of malicious code is more accurate; and detection cost is low.
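A minimal sketch of steps (2) to (5) of the abstract, added here as an illustration and not taken from the patent. The trace format, the use of API-name bigrams as the sequence feature, the selection rule (seen in at least two malicious traces and in no benign trace), the coverage-style similarity and the 0.5 threshold are all assumptions; the traces are constructed sample data.

```python
from collections import Counter

# Constructed sandbox traces: one "Api(arg)" event per token, in call order.
MALICIOUS = [
    "CreateFileW(a.tmp) WriteFile(a.tmp) RegSetValueExW(Run) "
    "CreateProcessW(a.tmp) InternetOpenW() InternetConnectW(h1)",
    "RegOpenKeyExW(Run) RegSetValueExW(Run) CreateProcessW(b.tmp) "
    "InternetOpenW() InternetConnectW(h2) HttpSendRequestW()",
    "CreateFileW(c.tmp) WriteFile(c.tmp) RegSetValueExW(Run) "
    "CreateProcessW(c.tmp) Sleep(1000)",
]
BENIGN = [
    "CreateFileW(in.txt) ReadFile(in.txt) CloseHandle() "
    "CreateFileW(out.txt) WriteFile(out.txt) CloseHandle()",
    "RegOpenKeyExW(App) RegQueryValueExW(Ver) RegCloseKey() "
    "InternetOpenW() InternetConnectW(update)",
]

def api_names(raw_trace):
    """Step 2: screen the monitored events down to API names only."""
    return [event.split("(", 1)[0] for event in raw_trace.split()]

def features(raw_trace, n=2):
    """Step 3: API sequence feature set = set of n consecutive API names."""
    names = api_names(raw_trace)
    return {tuple(names[i:i + n]) for i in range(len(names) - n + 1)}

def build_library(malicious, benign, n=2, min_support=2):
    """Step 4 (assumed rule): keep n-grams that recur across malicious
    traces and never occur in a benign trace."""
    support = Counter(g for t in malicious for g in features(t, n))
    benign_grams = set().union(*(features(t, n) for t in benign))
    return {g for g, c in support.items()
            if c >= min_support and g not in benign_grams}

def similarity(raw_trace, library, n=2):
    """Step 5: fraction of library features present in the trace."""
    if not library:
        return 0.0  # an empty library can match nothing
    return len(features(raw_trace, n) & library) / len(library)

def classify(raw_trace, library, threshold=0.5, n=2):
    """Label a trace by comparing its similarity to an assumed threshold."""
    score = similarity(raw_trace, library, n)
    return "malicious" if score >= threshold else "benign"

LIBRARY = build_library(MALICIOUS, BENIGN)
```

Note that bigrams shared with benign traces, such as `CreateFileW` followed by `WriteFile`, are dropped from the library even though they recur in the malicious set, which is what keeps ordinary file and network activity from matching.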

Description

Technical field

[0001] The invention belongs to the technical field of system security and relates to a malicious code analysis and detection method, in particular to a malicious code analysis and detection method based on code dynamic feature extraction and modeling.

Background technique

[0002] With the rapid development of computer technology, the Internet has brought a lot of convenience to people's life and work and has gradually become an indispensable part of people's daily life. Nowadays, people conduct various social activities and commodity transactions on the Internet, and there is a great deal of users' private information and potential economic benefit on the Internet, which attracts many malicious attackers, who use various technical means to achieve their goals. One of the more common ways is through the use of malware.

[0003] Any software involving eight phenomena including forced installation, difficult uninstallation, browser hijacking, pop-up advertisem...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/56
CPC: G06F21/566
Inventors: 贾晓启, 李盟, 王蕊
Owner: INST OF INFORMATION ENG CHINESE ACAD OF SCI