Unlock instant, AI-driven research and patent intelligence for your innovation.

Malicious code generator identification method and system based on software structure clustering

A software structure and malicious code technology, applied in the direction of instruments, electrical digital data processing, platform integrity maintenance, etc., can solve problems such as endangering users

Active Publication Date: 2017-02-15
HARBIN ANTIY TECH
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Malicious code generators make it easy to write malicious code, thus resulting in the creation of large amounts of malicious code, endangering users in the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious code generator identification method and system based on software structure clustering
  • Malicious code generator identification method and system based on software structure clustering

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the present invention more obvious and easy to understand, the technical solutions in the present invention will be further detailed below in conjunction with the accompanying drawings illustrate.

[0027] The invention provides a malicious code generator identification method and system based on software structure clustering, which can effectively identify the malicious code generated by the malicious code generator, and then discover the template of the malicious code generator.

[0028] A malicious code generator identification method based on software structure clustering, such as figure 1 shown, including:

[0029] S101: Extract the time stamp information of the PE structure of the unknown sample;

[0030] S102: compare the time stamps of the samples using a dicho...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a malicious code generator identification method and system based on a software structure cluster. The malicious code generator identification method comprises the steps that samples with the same timestamp are found, software structure information structure vectors of the samples with the same timestamp are extracted, Simhash values are calculated, the samples with Simhash distances smaller than an assigned value are found, in this way, the fact that the samples of the class have similar file structures can be judged, and codes are generated for a malicious code generator. The invention further provides a corresponding system structure. Through the method, the generator can be found by using the difference of the generator and a software structure generated through compilation, and the samples with the similar software structure can be found by using large-scale similarities.

Description

technical field [0001] The invention belongs to the technical field of computer network security, in particular to a method for identifying malicious code generators based on software structure clustering. Background technique [0002] The continuous development of computer networks has also promoted the development and evolution of malicious codes. The development and use of malicious codes has become increasingly clear. Many malicious codes, especially remote control tools, control servers, domain names, and some versions, are configurable. This is The work done by malicious code generators. Malicious code generators make it easy to write malicious code, thus resulting in the generation of a large amount of malicious code, endangering users in the network. Contents of the invention [0003] The invention provides a malicious code generator identification method and system based on software structure clustering, which can effectively identify the malicious code generated...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/563G06F2221/033G06F2221/2151
Inventor 康学斌童志明肖新光
Owner HARBIN ANTIY TECH