Malicious software identification method

An identification method and malware technology, applied in the field of petroleum machinery, can solve problems such as low efficiency, and achieve the effects of solving low efficiency, reducing time and calculation amount, and improving virus detection accuracy

Inactive Publication Date: 2016-07-27
CHENGDU YUBEN TECHCO LTD

AI Technical Summary

Problems solved by technology

[0007] The invention provides a malicious software identification method that solves the technical problem of low efficiency in existing methods for detecting and identifying unknown viruses, and achieves the technical effect of high identification and detection efficiency for malicious software.

Examples


Embodiment 1

[0035] Referring to Figure 1, the application provides a malware identification method, the method comprising:

[0036] Step 1: Input a sample, perform static analysis on the sample, and obtain analysis data;

[0037] Step 2: Perform complexity calculation based on the analysis data to obtain complexity data;

[0038] Step 3: Determine whether the complexity data is greater than the threshold. If the complexity data is greater than or equal to the threshold, send the sample to the unpacker to extract the obfuscated code, and send the extracted sample to the virus scanning system for scanning and identification; if the complexity data is less than the threshold, send the sample directly to the virus scanning system for scanning and identification.
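The three steps above can be sketched as a triage function. This is an added example, not code from the patent: the page does not say how the complexity is calculated, so windowed Shannon byte entropy, the 7.0 bits-per-byte threshold, the 1024-byte window and all function names are assumptions, and the sample inputs are constructed.

```python
import hashlib
import math
from collections import Counter

THRESHOLD = 7.0   # assumed cut-off, bits per byte; the page states no value
WINDOW = 1024     # assumed window size for the static pass

def static_analysis(sample, window=WINDOW):
    """Step 1: per-window byte histograms, read without executing the sample."""
    return [Counter(sample[i:i + window]) for i in range(0, len(sample), window)]

def window_entropy(hist):
    """Shannon entropy of one histogram, in bits per byte (0.0 to 8.0)."""
    total = sum(hist.values())
    return -sum(n / total * math.log2(n / total) for n in hist.values())

def complexity(sample):
    """Step 2: byte-weighted mean of the window entropies (assumed measure)."""
    hists = static_analysis(sample)
    if not hists:                      # empty sample: nothing to measure
        return 0.0
    weighted = sum(window_entropy(h) * sum(h.values()) for h in hists)
    return weighted / len(sample)

def route(sample, threshold=THRESHOLD):
    """Step 3: pipeline stages the sample passes through, in order."""
    if complexity(sample) >= threshold:
        return ["unpacker", "scanner"]
    return ["scanner"]

# Constructed inputs, not real samples.
PLAIN = b"push ebp; mov ebp, esp; sub esp, 0x40; " * 200
# SHA-256 in counter mode stands in for compressed or encrypted content.
PACKED = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(256))
MIXED = PLAIN[:1024] + PACKED          # small plain stub in front of a packed body

if __name__ == "__main__":
    for name, data in [("plain", PLAIN), ("packed", PACKED), ("mixed", MIXED), ("empty", b"")]:
        print(f"{name:6} complexity={complexity(data):.2f} route={route(data)}")
```

Legitimately compressed or encrypted content, such as installers and embedded archives, also scores high under this measure, so the threshold trades wasted unpacker runs against packed samples reaching the scanner unmodified.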

[0039] The technical effect of the present application is: it accurately distinguishes between packed (or obfuscated) and non-packed (or non-obfuscated) executable files in a simple and fast manner, and has the function of...


Abstract

The invention discloses a malicious software identification method. The method includes: Step 1: input a sample, perform static analysis on the sample, and obtain analysis data; Step 2: perform complexity calculation based on the analysis data, and obtain the complexity data; Step 3: judge whether the complexity data is greater than the threshold; if the complexity data is greater than or equal to the threshold, the sample is sent to the unpacker to extract the obfuscated code, and the extracted sample is sent to the virus scanning system for scanning and identification; if the complexity data is less than the threshold, the sample is sent directly to the virus scanning system for scanning and identification. This achieves the technical effect of high identification and detection efficiency for malware.

Description

Technical field

[0001] The invention relates to the field of petroleum machinery, in particular to a malicious software identification method.

Background technique

[0002] Malware refers to viruses, worms, and Trojan horse programs that perform malicious tasks on computer systems, exercising control by disrupting software processes. Data shows that malware consists of multiple threats that pop up constantly, so multiple approaches and techniques are required for antivirus protection.

[0003] Due to the arms race between virus authors and antivirus vendors, computer viruses often implement many sophisticated code obfuscation techniques: executable code polymorphism, metamorphism, wrapping, and encryption. These techniques have proven to be very effective at evading detection by traditional signature-based antivirus software.

[0004] Traditional signature-based anti-virus software needs to update virus databases regularly, and virus detection relies on known virus databas...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56
CPC: G06F21/563, G06F2221/033
Inventor: 罗阳
Owner: CHENGDU YUBEN TECHCO LTD