Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Malware program sample family naming method and device

A malicious program and sample technology, which is applied in the field of malicious program sample family naming methods and devices, can solve the problems of inconvenient malicious program sample family security processing, no effective naming scheme for malicious program sample families, etc., and achieve the effect of improving security processing efficiency

Active Publication Date: 2018-08-17
QI-ANXIN LEGENDSEC INFORMATION TECH (BEIJING) INC +1
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, no effective naming scheme for malicious program sample families has been proposed in the prior art, which is not convenient for safe processing of malicious program sample families

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malware program sample family naming method and device
  • Malware program sample family naming method and device
  • Malware program sample family naming method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention more clear, the embodiments of the present invention will be further described in detail below in conjunction with the accompanying drawings. Here, the exemplary embodiments and descriptions of the present invention are used to explain the present invention, but not to limit the present invention.

[0042] The inventor considers that, on the one hand, before naming the sample family, it is necessary to accurately determine the sample family, and the existing malicious program sample clustering methods include dynamic clustering and static clustering, but for malicious program samples Regardless of whether dynamic clustering or static clustering is performed, the clustering results obtained are not accurate. For example, some behaviors of samples may not be triggered during dynamic clustering, resulting in incomplete collection of sample behaviors. At this time, th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a naming method and device of a malicious program sample family. The method comprises the following steps: carrying out dynamic clustering on malicious program samples to obtain the dynamic clustering results of the malicious program samples; carrying out static clustering on the malicious program samples to obtain the static clustering results of the malicious program samples; according to the static clustering results, screening the dynamic clustering results, and forming a malicious program sample database on the basis of the screened dynamic clustering results; and according to the attribute of samples contained in each sample family, carrying out naming for each sample family in the malicious program sample database. The naming method and device can realize the naming of the malicious program sample family so as to conveniently carry out safe processing on the malicious program sample family.

Description

technical field [0001] The invention relates to the technical field of computer software, in particular to a method and a device for naming malicious program sample families. Background technique [0002] With the development of information technology, people's work and life are increasingly inseparable from the Internet. While the Internet brings great convenience, there are also many security problems. In recent years, the number of computer malicious programs has developed rapidly, including large-scale outbreaks of malicious programs such as viruses, worms, and Trojan horses, which have caused huge threats and property losses to computer users. Due to the large number of variants of malicious program samples and the great similarity of the source codes of the samples produced by the same author, it is very necessary to find the correlation between samples and perform homology analysis on a large number of samples. , which involves the clustering of massive samples. Se...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56G06F17/30
CPCG06F16/35G06F21/56
Inventor 计东韩鹏
Owner QI-ANXIN LEGENDSEC INFORMATION TECH (BEIJING) INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com