Malicious code detecting method and system based on character string weight adjusting

A malicious code detection and weight adjustment technology, applied in the field of malicious code detection, can solve the problems of fixed strings and inability to deal with advanced sustainable attacks, and achieve the effect of reducing false alarm rate and solving time-consuming and labor-intensive effects

Inactive Publication Date: 2014-07-16
SHENZHEN ANZHITIAN INFORMATION TECH
View PDF4 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The present invention provides a malicious code detection method and system based on character strings to adjust weights. Through the method of the present invention, the problem that the character strings in the static

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious code detecting method and system based on character string weight adjusting
  • Malicious code detecting method and system based on character string weight adjusting
  • Malicious code detecting method and system based on character string weight adjusting

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned objectives, features and advantages of the present invention more obvious and understandable, the technical solutions of the present invention will be further detailed below in conjunction with the accompanying drawings. Description.

[0035] The present invention provides a malicious code detection method and system based on character string adjustment weights. Through the method of the present invention, the static feature code detection method has fixed character strings and cannot cope with advanced sustainable attacks. Adjust at any time according to the black and white list to form a string library with high accuracy.

[0036] The invention provides a malicious code detection method based on string adjustment weights, including: suspicious program detection and string library update;

[0037] The suspicious...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a malicious code detecting method and system based on character string weight adjusting. The method includes: building a character string library, and setting character string weight; using the character string library to perform matching detection on suspicious programs, and adding other character strings in the suspicious programs into the character string library if the suspicious programs are malicious; matching the character strings in the character string library with a blacklist and a white list according to preset time intervals, subtracting one form the corresponding character string weight if the character strings are matched with the white list, and adding one to the character string weight if the character strings are matched with the blacklist. By the method and system, self-learning of the character string library is achieved, character string weight is adjusted automatically at any time according to blacklist and white list matching, suspicious program detecting precision is increased, and false alarm rate is lowered.

Description

Technical field [0001] The present invention relates to malicious code detection technology, in particular to a malicious code detection method based on string adjustment weights. Background technique [0002] With the outbreak of network security incidents such as "Stuxnet worm", "dequ", and "Red October" in recent years, advanced sustainable attacks have attracted worldwide attention. Traditional malicious code detection and identification methods usually use static signature scanning to identify viruses. This method is characterized by mature computer virus technology and widespread spread of malicious code fragments, strong configurability and high replication rate of malicious code, which makes traditional The detection rate of malicious code recognition technology is relatively high. However, since most advanced sustainable attacks are well-organized and written and do not take the malicious code fragment features commonly circulated on the Internet, it is difficult to ide...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
CPCG06F21/566
Inventor 张慧云李柏松
Owner SHENZHEN ANZHITIAN INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap