Virus detection method and virus detection device

A virus detection and virus technology, applied in the field of Internet security, can solve the problems of small data storage, large impact of the increase in the number of virus samples, and increased virus detection workload, etc., to achieve the effect of small signature database and fast calculation speed

Active Publication Date: 2015-06-10
BEIJING RISING NETWORK SECURITY TECH CO LTD
View PDF5 Cites 33 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Based on this, it is necessary to solve the problem that the traditional virus detection technology is greatly affected by the increase in the number of virus samples, which greatly increases the workload of virus detection and affects the efficiency of virus detection, and proposes a virus detection with fast virus scanning speed and small data storage capacity. method and device

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Virus detection method and virus detection device
  • Virus detection method and virus detection device
  • Virus detection method and virus detection device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] In order to make the object, technical solution and advantages of the present invention more clear, the specific implementation of the virus detection method and device of the present invention will be described below with reference to the accompanying drawings. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0047] The method for virus detection of an embodiment of the present invention, such as figure 1 shown, including the following steps:

[0048] S100, extracting structural information of the execution file to be tested to form a feature vector.

[0049] What needs to be explained here is that an executable file refers to a binary file that can be run by the operating system. The content not only contains the necessary information specified by the system, but also presents different characteristics according to the functions to be implemented and the coding s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a virus detection method and a virus detection device. The method includes the following steps: extracting a structural information constitution feature vector of a to-be-detected executable file; calculating a feature Hash value of the feature vector according to a Hash algorithm; comparing the feature Hash value with sample files in a feature library to acquire a comparison sample with similarity, higher than a preset value, to the feature Hash value; determining a virus detection result of the to-be-detected executable file according to an analysis result of the comparison sample. The virus detection method and the virus detection device have the advantages that file virus detection is performed according to similarity matching of file structure types of virus samples instead of conventional feature codes and filtering rules; multiple sample files are stored in the feature library in a Hash value storage mode, the Hash value of the feature vector of the to-be-detected executable file is compared with a Hash value of a known sample to acquire the similar comparison file, and the virus detection result of the to-be-detected executable file is acquired according to the analysis result of the comparison file, so that calculation speed is high, and the generated feature library is small.

Description

technical field [0001] The invention relates to the technical field of Internet security, in particular to a virus detection method and device. Background technique [0002] In 2014, the number of malicious software showed explosive growth. According to the statistics of virus samples collected from January to December, an average of more than 3 million samples were found every month, which brought great difficulties to virus detection. Because traditional virus detection mainly uses methods such as signatures and filtering rules. The feature code generally selects binary data or strings that only certain types of viruses have, and engineers analyze and extract virus samples from them; filtering rules dynamically obtain various information of virus samples to summarize the common characteristics of all types of viruses, and engineers write corresponding ones. filter script. Due to the large number of newly collected samples every day, the efficiency of virus sample process...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
Inventor 白金成徐敏雷震
Owner BEIJING RISING NETWORK SECURITY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap