Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Web malicious code detection method and system

A malicious code detection and malicious code technology, applied in the field of real-time detection of malicious code, can solve the problems of difficult to achieve real-time and efficient detection of malicious code, difficult update of malicious code feature database, lagging behind malicious code, etc., to solve the problem that cannot be quickly and effectively found Effects of malicious code, solving false positives, and improving accuracy

Inactive Publication Date: 2016-04-13
YONYOU NETWORK TECH
View PDF6 Cites 33 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0019] 4. When there is a grammatical error or an infinite recursive call error in the javascript code, the browser will call window.onerror(), and the malicious webpage will judge that the current operating environment is Sandbox by deliberately introducing a grammatical error or an infinite recursive call error It is still a browser. If the sandbox of the security product implements incomplete error handling, for example, it may stop parsing when encountering a syntax error, instead of calling window.onerror like a real browser, then it may be maliciously Web exploits evade detection
[0024] This method has at least the following problems: 1) The malicious code signature database is difficult to be comprehensive and the update lags behind the emergence of malicious code, and the detection results will produce false negatives
2) The detection action is a periodic behavior, and there is a certain hysteresis
3) It is difficult to achieve real-time and efficient detection of malicious code in a large-scale deployment environment

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web malicious code detection method and system
  • Web malicious code detection method and system
  • Web malicious code detection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0056] All features disclosed in this specification, or steps in all methods or processes disclosed, may be combined in any manner, except for mutually exclusive features and / or steps.

[0057] Any feature disclosed in this specification (including any appended claims, abstract and drawings), unless expressly stated otherwise, may be replaced by alternative features which are equivalent or serve a similar purpose. That is, unless expressly stated otherwise, each feature is one example only of a series of equivalent or similar features.

[0058] Such as figure 1 and 2 Shown, a kind of web malicious code detection method several systems, based on web application source code library, malicious code feature library, web page code behavior analysis, white list and manual analysis, comprehensive detection and judgment whether there is web malicious code; including the following steps :

[0059] (1) Install a malicious code detection proxy tool on the web application server. The ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a Web malicious code detection method and system. Based on a Web application source code database, a malicious code feature database, a webpage code behavior analysis, a white list and a manual analysis, whether a web malicious code exists is detected and determined comprehensively. The system comprises a malicious code detection agent module, a malicious code detection server white list module, a source code database query and detection module, a malicious code feature detection module, a malicious code behavior detection module, a detection result determination and alarm module, a detection result query module and a management module. According to the invention, through comprehensive application of the Web application source code database, the malicious code feature database, the webpage code behavior analysis, the white list and the manual analysis, missed alarm behaviors of malicious code detection can be effectively solved, the accuracy of the malicious code detection is improved, the natural contradiction between the rate of false alarm and the missed alarm rate in a malicious code detection process is balanced, and the response efficiency in the malicious code detection process is optimized.

Description

technical field [0001] The invention relates to the detection and technical field of Web malicious codes, in particular to a real-time detection method and system for malicious codes such as Web-type Trojan horses and viruses. Background technique [0002] With the rapid development of the Internet, network attacks against Internet applications are also becoming more and more rampant. Among all kinds of network attacks, malicious code implantation (webpage Trojan, webpage virus, webshell backdoor, etc.) targeting websites has become one of the most popular and most harmful attack methods. [0003] Malicious code (UnwantedCode) refers to code that has no effect but brings danger. One of the safest definitions is to regard all unnecessary code as malicious. There are many types of malicious code analysis methods. Generally, traditional malicious code analysis methods are divided into three types: analysis methods based on code characteristics, analysis methods based on semant...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08G06F21/56
CPCH04L63/145G06F21/56G06F21/562H04L67/02
Inventor 郄军利
Owner YONYOU NETWORK TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com