Advanced threat tracing method and system

An advanced threat tracing technology, applied in the field of network information security, that addresses the inability of security software to defend against and detect advanced threats. Its effects are fast and effective network-wide advanced threat detection, support for accountability and damage determination, and prevention of attacks or large-scale attacks.

Inactive Publication Date: 2016-04-13
HARBIN ANTIY TECH

AI Technical Summary

Problems solved by technology

Traditional anti-malware software uses a blacklist mechanism and relies on simple signature scanning as its core technology. Advanced threats, however, are a combination of a series of dynamic attack behaviors that signature technology cannot detect, and many advanced threats exploit system vulnerabilities and other techniques, leaving traditional security software unable to defend against them.


Embodiment Construction

[0028] To enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the present invention more apparent, the technical solutions of the present invention are described in further detail below in conjunction with the accompanying drawings.

[0029] The present invention provides a method embodiment of advanced threat tracing, as shown in Figure 1, including:

[0030] S101: The server side uses heuristic technology and dynamic sandbox technology to perform static and dynamic analysis on the advanced threat sample, obtains characteristic information of the advanced threat sample, and uses the characteristic information as a traceability characteristic;

[0031] S102: Generate an advanced threat tracing package according to the traceability feature;

[0032] S103: When a client requests to use the advanced threa...


Abstract

The invention provides an advanced threat tracing method and system. The method comprises the following steps: acquiring an advanced threat tracing feature by statically and dynamically analyzing an advanced threat sample, and generating an advanced threat tracing packet; parsing the advanced threat tracing packet on a client; detecting files in the system by using the tracing feature; judging whether advanced threats exist; and tracing the files in which the threats exist. The method and system overcome the inability of the prior art to detect advanced threats effectively; system information security is maintained more effectively; attacks are defended against; attacks or further attacks on the system by latent advanced threats are prevented; and advanced threats are effectively prevented from using a specified terminal as a springboard to attack, or launch large-scale attacks against, other equipment. Thus, rapid and effective whole-network advanced threat detection is realized.
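The flow in the abstract (the server builds a tracing package from traceability features; the client parses it, checks files against the features, and records which files match) can be sketched as follows. This is an added example, not code from the patent: the JSON package layout, the `sha256` and `bytes` feature types, the HMAC integrity check and all function names are assumptions, since the page does not define a package format.

```python
import hashlib
import hmac
import json
import os

KEY = b"constructed-demo-key"  # constructed; a deployment would use managed keys

def build_package(threat, features, key=KEY):
    """Server side: wrap features in an HMAC-authenticated JSON package (hypothetical format)."""
    body = json.dumps({"threat": threat, "features": features}, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return json.dumps({"body": body, "hmac": tag})

def parse_package(package, key=KEY):
    """Client side: verify integrity before trusting any feature."""
    outer = json.loads(package)
    expected = hmac.new(key, outer["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, outer["hmac"]):
        raise ValueError("tracing package failed integrity check")
    return json.loads(outer["body"])

def match_file(path, features):
    """Return the feature types (hypothetical: sha256, bytes) that the file matches."""
    with open(path, "rb") as fh:
        data = fh.read()
    digest = hashlib.sha256(data).hexdigest()
    hits = []
    for f in features:
        if f["type"] == "sha256" and f["value"].lower() == digest:
            hits.append("sha256")
        elif f["type"] == "bytes" and bytes.fromhex(f["value"]) in data:
            hits.append("bytes")
    return hits

def trace(root, package, key=KEY):
    """Sweep `root`; return {path: record} for every file matching a feature."""
    pkg = parse_package(package, key)
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            try:
                hits = match_file(path, pkg["features"])
            except OSError:
                continue  # unreadable file: skip it rather than abort the sweep
            if hits:
                report[path] = {"threat": pkg["threat"], "hits": hits}
    return report
```

Verifying the package before use matters because a client that accepts unauthenticated feature sets can be steered into ignoring real threats or flagging benign files.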

Description

Technical field

[0001] The invention relates to the technical field of network information security, in particular to a method and system for tracing advanced threats.

Background

[0002] Today's network threats have risen to the level of national strategy, and network attacks have shifted from malicious attacks against the public without a clear purpose to advanced threat attacks with specific targets, aimed at waging information warfare. Traditional anti-malware software uses a blacklist mechanism and relies on simple signature scanning as its core technology. Advanced threats, however, are a combination of a series of dynamic attack behaviors that signature technology cannot detect, and many advanced threats exploit system vulnerabilities and other techniques, leaving traditional security software unable to defend against them.

Contents of the invention

[0003] Aiming at the deficiencies and defects of the above-mentioned existing technologies...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/08, G06F21/55, G06F21/56
CPC: H04L63/1416, G06F21/554, G06F21/56, H04L63/1433, H04L67/02
Inventor: 庞齐, 关墨辰, 孙洪伟, 匡贺, 徐翰隆, 肖新光
Owner: HARBIN ANTIY TECH