Malicious code detection method and system based on kernel object behavior body
The invention relates to malicious code detection and kernel object technology, applied in the computer field. It addresses the problems that existing approaches cannot reflect object manipulation or operation conditions and that malicious code detection is not accurate enough. It achieves good detection and classification effects, is easy to implement and extend, and the method is simple and reliable.
Example Embodiment
[0067] The present invention will be further described in detail below in conjunction with the drawings and embodiments.
[0068] As shown in Figure 1, the malicious code detection method based on kernel object behavior ontology of the present invention includes the following steps:
[0069] S1: Constructing the public behavior ontology of malicious families;
[0070] S2: Constructing the behavior ontology of the suspicious individual;
[0071] S3: Importing the individual behavior ontology of the suspicious sample into the malicious family public behavior ontology to form the malicious code domain ontology;
[0072] S4: Performing inference on the individual behavior ontology to determine whether it is malicious code.
[0073] The step S1 of constructing the public behavior ontology of the malicious family includes:
[0074] A1: Constructing a malicious family sample set from several malicious code samples;
[0075] A2: Perform dynamic taint analysis on the mal...