Supercharge Your Innovation With Domain-Expert AI Agents!

Program behavior feature extraction method, malicious program detection method and device thereof

A malicious program and feature extraction technology, applied in security devices, computer security devices, instruments, etc., can solve problems such as effective analysis of behavioral characteristics, inability to accurately identify malicious programs, and hidden dangers in user data security, so as to achieve rapid and effective identification Effect

Active Publication Date: 2019-04-26
BEIJING CHEETAH MOBILE TECH CO LTD +1
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In the process of realizing the present invention, the inventor found that the prior art has at least the following problems: After the malicious program is encrypted or mutated, the malicious program cannot be accurately identified by static analysis technology
At the same time, for malicious programs controlled by remote control, such as malicious programs controlled by SMS commands, their behavior characteristics will vary according to different remote control commands, and the existing dynamic analysis technology cannot effectively analyze the behavior characteristics of such malicious programs. , user data security still has security risks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Program behavior feature extraction method, malicious program detection method and device thereof
  • Program behavior feature extraction method, malicious program detection method and device thereof
  • Program behavior feature extraction method, malicious program detection method and device thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary only for explaining the present invention and should not be construed as limiting the present invention. On the contrary, the embodiments of the present invention include all changes, modifications and equivalents coming within the spirit and scope of the appended claims.

[0035] In the description of the present invention, it should be understood that the terms "first", "second" and so on are used for descriptive purposes only, and cannot be interpreted as indicating or implying relative importance. In the description of the present invention, it should be noted that unless otherwise specified and limited, the terms "connected" and "connected...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Proposed are a method for retrieving a behavioral feature of software, and a method, an apparatus, and a client for detecting malicious software, where the method for retrieving a behavioral feature of software comprises the following steps: running software to be tested; receiving a first test short message, and acquiring a preset keyword invoked during matching of the software to be tested and the first test short message; and generating a second test short message according to the preset keyword, and retrieving a behavioral feature, which is generated according to the second test short message, of the software to be tested, and adding the behavioral feature into a behavioral feature set corresponding to the software to be tested. According to methods of the embodiments, fast, effective identification of a behavioral feature of malicious software can be implemented, and at the same time, a useful reference is provided for blocking and eliminating malicious software comprising harmful behavior.

Description

technical field [0001] The invention relates to the field of terminal security, in particular to a program behavior feature extraction method, device and client, and a malicious program detection method, device and client. Background technique [0002] With the continuous development of smart mobile terminals, malicious programs targeting smart mobile terminals have also increased significantly. Malicious programs can be added to various mobile applications. When a mobile application with malicious programs is installed on a mobile terminal, the malicious program will run in the background and perform corresponding operations according to received SMS instructions, such as collecting and uploading user location Data such as information or contacts, making calls to fixed numbers or changing user settings, etc., bring great security risks to users. Currently, the program package name and other static features can be analyzed by static analysis technology to determine the prog...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/566H04W12/128
Inventor 林坚明张楠陈勇
Owner BEIJING CHEETAH MOBILE TECH CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com