
Malicious Code Integrity Analysis Method Based on Environment Reconstruction

A malicious code analysis method, applied in the field of malicious code integrity analysis based on environment reconstruction. It addresses problems such as low analysis efficiency, path explosion and memory leaks. Effects: improved analysis efficiency, more reasonable triggering of key paths, and reduced time overhead.

Active Publication Date: 2018-03-20
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU

AI Technical Summary

Problems solved by technology

[0013] Existing multi-path analysis methods for malicious code suffer from path explosion, memory leaks, low analysis efficiency, and program crashes caused by forced modification of branch paths. To address these problems, the present invention proposes a malicious code integrity analysis method based on environment reconstruction. The invention can effectively solve the problems of multi-path analysis and achieve integrity analysis of malicious code.


Examples


Embodiment

[0036] Embodiment: The present invention proposes a malicious code integrity analysis method based on environment reconstruction. The analysis idea is as follows: use the dynamic binary analysis platform Pin and the decompilation tool IDA to obtain the environment information that the malicious code senses and searches for during execution; based on the obtained environment information, construct the optimal execution environment for the malicious code; finally, run the malicious code in the dynamically constructed environment to achieve integrity analysis. Under this general idea, the analysis process is shown in Figure 1.

[0037] In the process of analyzing the integrity of the malicious code, the present invention adopts the combination of coarse-grained environment data extraction and fine-grained sensitive environment identification to jointly determine the execution environment required for triggering the hidden beh...
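The following is an added example, not code from the patent: it shows a coarse-grained pass over an API trace that lists the environment resources a sample probed for but did not find, which is the input an analyst needs to reconstruct the execution environment. The trace line format, the sample trace and the API-to-resource mapping are assumptions made for illustration; the output of the patent's Pin/IDA tooling is not shown on this page.

```python
import re
from collections import OrderedDict

# Assumed mapping from a probing API to the kind of resource it tests.
PROBE_KINDS = {
    "GetFileAttributesW": "file",
    "CreateFileW": "file",
    "RegOpenKeyExW": "registry_key",
    "OpenMutexW": "mutex",
    "GetModuleHandleW": "loaded_module",
    "DnsQuery_W": "dns_name",
}

# Constructed trace; the "seq api(arg) -> status" layout is hypothetical.
SAMPLE_TRACE = """\
0001 GetFileAttributesW(C:\\ProgramData\\example\\marker.dat) -> FAIL
0002 RegOpenKeyExW(HKLM\\SOFTWARE\\ExampleVendor\\Agent) -> FAIL
0003 GetModuleHandleW(kernel32.dll) -> OK
0004 OpenMutexW(Global\\example_mutex) -> FAIL
0005 GetFileAttributesW(C:\\ProgramData\\example\\marker.dat) -> FAIL
0006 DnsQuery_W(host.example.invalid) -> FAIL
0007 WriteFile(C:\\Temp\\out.bin) -> OK
not a trace line
"""

LINE_RE = re.compile(r"^(\d+)\s+(\w+)\((.*)\)\s+->\s+(OK|FAIL)$")

def extract_probes(trace):
    """Coarse-grained pass: every environment resource the sample queried."""
    probes = OrderedDict()
    for line in trace.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m.group(2) not in PROBE_KINDS:
            continue  # skip malformed lines and calls that are not probes
        key = (PROBE_KINDS[m.group(2)], m.group(3))
        # A resource counts as satisfied if any probe of it succeeded.
        probes[key] = probes.get(key, False) or m.group(4) == "OK"
    return probes

def reconstruction_plan(trace):
    """Resources to provision in the analysis VM before the next run."""
    return [{"kind": kind, "name": name}
            for (kind, name), ok in extract_probes(trace).items() if not ok]

if __name__ == "__main__":
    for item in reconstruction_plan(SAMPLE_TRACE):
        print(f"provision {item['kind']}: {item['name']}")
```
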


Abstract

The invention provides a malicious code integrity analysis method based on environment reconstruction. The method includes: using reasonable analysis strategies to extract the environment data that the malicious code requires during execution; dynamically reconstructing the execution environment of the malicious code on the basis of that environment data; and placing the malicious code in the dynamically reconstructed environment for analysis, to acquire relatively complete behavior information. The problems of multi-path analysis can be effectively solved, and integrity analysis of the malicious code is achieved. Compared with traditional analysis methods, this integrity analysis method triggers the key paths more reasonably and acquires accurate behavior characteristics.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a malicious code integrity analysis method based on environment reconstruction.

Background technique

[0002] With the rapid development of the Internet, the types and quantities of malicious code are increasing. Generally speaking, malicious code is a general term for malicious software that realizes the bad intentions of attackers, including viruses, worms, Trojans, backdoors, zombies, spyware, adware, etc. Its harm is mainly manifested in stealing user privacy, confidential files and account information, destroying data, consuming memory and hard disk space, etc. According to the 2014 Symantec investigation report, the amount of malicious code is increasing, and the threat is becoming more and more serious.

[0003] During the evolution of malicious code attack technology, in order to achieve precise control and complete specific operations, different behavior ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/56
CPC: G06F21/563
Inventor 舒辉康绯光焱张骞彭小详
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU