Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Unknown malicious code detection method for embedded processor

A technology of malicious code detection and embedded processors, which is applied in the fields of electrical digital data processing, instruments, calculations, etc., can solve the problem of high resource overhead of detection methods, achieve the effect of reducing resource overhead and ensuring security

Inactive Publication Date: 2016-07-13
HUAZHONG UNIV OF SCI & TECH
View PDF3 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] In view of the above defects or improvement needs of the prior art, the present invention provides an unknown malicious code detection method for an embedded processor, the purpose of which is to solve the problem of excessive resource overhead of the existing detection method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Unknown malicious code detection method for embedded processor
  • Unknown malicious code detection method for embedded processor
  • Unknown malicious code detection method for embedded processor

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other.

[0038] An unknown malicious code detection method for an embedded processor provided by the present invention includes obtaining the binary string of the processor instruction sequence, constructing a self-set, constructing a detector set, and using the detectors in the detector set to detect that the processor is running The code of the system is detected, and the security of its behavior is ju...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an unknown malicious code detection method for an embedded processor. The method comprises the following steps: creating an embedded system self-set, generating a detector set and detecting an unknown malicious code; collecting and encoding instruction sequence information of a normal program in a system at a processor instruction level to generate a binary string set as the self-set; generating a binary string as a candidate detector at random and carrying out negative selection on the binary string and elements in the self-set to generate a detector set; matching with the binary string of behavior information of a to-be-detected code collected from the instruction level by the binary string in the detector set; carrying out fuzzy matching among the binary string in the self-set, the binary string of the detector and the to-be-detected binary string by a double-threshold ymir rule, so that the detection rate on the unknown malicious code is increased; and the resource consumption of the system is reduced. The self-set and the detector set are stored by a CAM word memory-addressable memory, so that the searching and matching efficiency is improved; and the generation efficiency of the detector is improved.

Description

technical field [0001] The invention belongs to the technical field of digital integrated circuit and embedded system security, and more specifically relates to an unknown malicious code detection method of an embedded processor. Background technique [0002] In recent years, embedded systems are increasingly threatened by malicious codes. In the prior art, most of the methods to solve the vulnerability of embedded systems to malicious software attacks continue to use traditional virus defense methods, which are as follows: [0003] (1) Malicious code detection technology based on hash digest: use the characteristics of hash function to check the integrity of files and other resources in the system to determine whether they have been tampered with by malicious code; the method has good versatility for various malicious codes , but the false positive rate is high. [0004] (2) Malicious code detection technology based on signatures: use signatures to distinguish malicious c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56
CPCG06F21/56G06F21/561G06F21/563
Inventor 刘政林裴根鲁赵骏刘文超童乔凌邹雪城
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products