Check patentability & draft patents in minutes with Patsnap Eureka AI!

Software behavior analyzing method and device

A behavioral analysis and behavioral technology, applied in the field of communication, can solve problems such as low coverage and low efficiency, and achieve the effect of improving accuracy and meticulous division

Inactive Publication Date: 2016-07-13
CHINA UNITED NETWORK COMM GRP CO LTD
View PDF6 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this method is inefficient and does not cover well

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software behavior analyzing method and device
  • Software behavior analyzing method and device
  • Software behavior analyzing method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0029] figure 1 It is a schematic flowchart of a software behavior analysis method provided by Embodiment 1 of the present invention. like figure 1 As shown, the method includes the following steps:

[0030] Step 101. Statically analyze the structure of the software file.

[0031] This step is mainly to statically analyze the software files. In fact, it is to analyze the installation files of the software. By decompressing the installation files and analyzing the sub-elements of its core files (executable files), the calling relationship between functions is obtained. Apply the logic and content, so as to know the structure of the software file, and also know the API function sequence of the calling system.

[0032] This step specifically includes:

[0033] Step 1011. Statically analyze the format of the software file.

[0034] For example, the format of the Android system file is APK. By viewing the first few bytes of the hexadecimal number of the file, we can know that ...

Embodiment 2

[0070] image 3 It is a schematic structural diagram of a software behavior analysis device provided by Embodiment 2 of the present invention. like image 3 As shown, the device includes: a static analysis module 100 , a dynamic analysis module 200 and a behavior analysis module 300 .

[0071] The static analysis module 100 is used to statically analyze the structure of software files. It is mainly to perform static analysis on software files. In fact, it is to analyze the installation files of the software. By decompressing the installation files and analyzing the sub-elements of its core files (executable files), the calling relationship between functions and the application logic of software applications are obtained. and content, thereby knowing the structure of the software file, and also knowing the API function sequence of the calling system.

[0072] like Figure 4 As shown, the static analysis module 100 specifically includes: a software file format analysis submo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a software behavior analyzing method.The method comprises the following steps that the structure of a software file is analyzed statically; based on the structure analysis result of the software file, a polling mode is adopted for capturing the function calling sequence corresponding the preset sensitivity behavior in the running process of a software application program; the function calling sequence corresponding to the preset sensitivity behavior and a function calling sequence corresponding to a preset malicious behavior are compared to recognize the malicious behavior of software, the malicious behavior comprises a combination of at least two specific sensitivity behaviors, the safety level of the malicious behavior is determined according to the preset safety level list, and safety level early warning is carried out according to the safety level.Correspondingly, the invention provides a software behavior analyzing device.The device can recognize the malicious behavior of the software efficiently and comprehensively, and divides the safety level accurately and meticulously.

Description

technical field [0001] The invention relates to the field of communication technology, in particular to a software behavior analysis method and a software behavior analysis device. Background technique [0002] In recent years, with the rapid development of mobile Internet technology and the popularity of smart phones, mobile Internet and smart phones have brought great convenience to people's lives. In addition to the call function and SMS function of traditional non-smart phones, smart phones also have the characteristics of Internet access and payment (SP billing and NFC). Due to the ability to connect to the Internet, it is inevitable that smartphones will be attacked by malware. [0003] Since AndroidOS occupies more than half of the market share of mobile operating systems, AndroidOS is more "favored" by virus software developers. Since a mobile security vendor intercepted the world's first Android virus in June 2010, tens of thousands of malware have been detected a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56
CPCG06F21/562G06F21/566
Inventor 王文治
Owner CHINA UNITED NETWORK COMM GRP CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com