Malicious code detecting system and method based on dynamic instrumentation

A malicious code detection and dynamic instrumentation technology is applied in the field of detection systems based on dynamic instrumentation to detect malicious behaviors of mobile terminal applications, and can solve problems such as user inconvenience, mobile device security threats, and security injuries.

Active Publication Date: 2015-06-17
GUANGDONG POWER GRID CO LTD INFORMATION CENT
View PDF4 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method of reporting viruses encountered during the use of the software is based on the premise of suffering safety injuries during actual use, w

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious code detecting system and method based on dynamic instrumentation
  • Malicious code detecting system and method based on dynamic instrumentation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings and embodiments. Apparently, the described embodiments are only some of the embodiments of the present invention, not all of them.

[0032] see figure 1 , figure 1 It is a structural diagram of a malicious code detection system based on dynamic instrumentation according to an embodiment of the present invention.

[0033] A malicious code detection system based on dynamic instrumentation includes a server, a mobile terminal and a system simulator running the software to be detected on the server. The server includes the following:

[0034] The instrumentation manager 103 is used to re-customize the framework framework of the software to be tested in the system simulator 101, which includes an instrumentation strategy file and at least one probe function, and the instrumentation strategy file is used to be implanted in the sy...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a malicious code detecting system and method based on dynamic instrumentation. The method comprises the steps that a software to be detected is uploaded on a system simulator of a mobile terminal; a framework of the software to be detected of the system simulator is ordered again by an instrumentation manger of a server, an instrumentation strategy file is implanted into the system simulator, and one or more probe functions monitor an API function of the framework according to the instrumentation strategy file; a sound monitor of the server communicates with the mobile terminal and receives the operation behaviors and content of the software to be detected which are conducted to the API function and obtained by the probe functions; the detected content is compared with a malicious API sequence feature library, if the detected content exists in the malicious API sequence feature library, the software is marked to have malicious behavior operation, and if the detected extent does not exist in the malicious API sequence feature library, the software is marked to be safe, so that the safety of the software to be detected is determined. By means of the system and method, it is achieved that the software to be detected is installed and operated in the system simulator of the mobile terminal, and malicious codes are detected through instrumentation, so that it is avoided that safety hazards or hidden dangers are caused to the mobile terminal.

Description

technical field [0001] The invention relates to the field of mobile terminal application security, in particular to a detection system and method for detecting malicious behaviors of mobile terminal application programs based on dynamic stub insertion. Background technique [0002] With the development of the mobile Internet, the security of smartphones has become an area of ​​focus for the mobile Internet industry and mobile Internet users. The research on malicious code deformation technologies of mobile smart terminals includes repackaging technology, disassembly technology, flower instruction technology, Bytecode encryption technology and data encryption technology, etc., are divided into three levels according to the degree of danger of malicious code: severe, medium, and low. There are three main research methods. First, detect applications with malicious operations based on the vulnerability characteristics of the existing Android system; second, analyze the code to c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
Inventor 艾解清魏理豪邹洪崔磊龙震岳
Owner GUANGDONG POWER GRID CO LTD INFORMATION CENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap