Method, device and system for detecting malicious process behavior

The technology of a detection device and detection method, applied in the computer field, can solve the problems that the malicious process behavior of viruses is difficult to be detected in time, and the monitoring ability of anti-virus software is limited, so as to improve reliability and flexibility, improve safety, and improve safety performance Effect

Active Publication Date: 2014-07-30
BAIDU ONLINE NETWORK TECH (BEIJIBG) CO LTD
View PDF5 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, in some cases, for example, anti-virus software has limited monitoring capabilities, or for example, there are many types of viruses, a

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for detecting malicious process behavior
  • Method, device and system for detecting malicious process behavior
  • Method, device and system for detecting malicious process behavior

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052]In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0053] In addition, the term "and / or" in this article is only an association relationship describing associated objects, which means that there may be three relationships, for example, A and / or B, which may mean: A exists alone, A and B exist at the same time, There are three cases of B alone. In addition, the character " / " in this article general...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a method, a device and a system for detecting a malicious process behavior. The detection device is used for monitoring a process behavior of a process so as to acquire behavior information of a target process behavior, and sending the behavior information of the target process behavior to a server; the server detects the target process behavior according to the behavior information of the target process behavior to determine whether the target process behavior is a malicious process behavior, so that the detection device can receive first operation indicating information returned by the server according to a detection result of the target process behavior, and operate the target process behavior according to the first operation indicating information. The target process behavior is subjected to comprehensive detection by the server according to the behavior information of the target process behavior instead of appointed feature analysis on a single sample by the detection device, so that the malicious process behavior can be detected in time, and the safety of the system is improved.

Description

【Technical field】 [0001] The invention relates to computer technology, in particular to a method, device and system for detecting malicious process behavior. 【Background technique】 [0002] A virus is data compiled or inserted into an application program that destroys system functions, which will affect the normal use of the application program, and can also replicate itself, usually in the form of a set of instructions or program codes. Viruses, also known as computer viruses, can include but are not limited to Trojan horses, backdoors, LAN worms, mail worms, spyware, infectious viruses or Rootkits / Bootkits, which are destructive, replicable and contagious. [0003] However, in some cases, for example, antivirus software has limited monitoring capabilities, or for example, there are many types of viruses and their growth speed is particularly fast, etc. Therefore, it is difficult to detect malicious process behaviors caused by running viruses in time. 【Content of inventio...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
CPCG06F21/566G06F21/56H04L63/1408H04L63/145H04W12/68G06F21/50G06F21/55G06F2221/034G06N5/048
Inventor 梅银明谢奕智岳华明胡汉中毕廷礼
Owner BAIDU ONLINE NETWORK TECH (BEIJIBG) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap