Malicious code behavior analyzer

A behavior analysis and static analysis technology, applied to malicious code behavior analysis devices, that addresses the inability to deal with high-level malicious code attacks and achieves anomaly detection.

Inactive Publication Date: 2017-01-18
ELECTRIC POWER RES INST OF GUANGDONG POWER GRID

AI Technical Summary

Problems solved by technology

[0004] The malicious code behavior analysis device provided by an embodiment of the present invention reorganizes and restores network data streams, detects abnormal network behavior, restores, extracts and analyzes suspicious files, and places suspicious files in a sandbox template to dynamically monitor and analyze file behavior. It combines the results of static analysis and dynamic analysis to give the information security risk degree of suspicious files, which solves the current technical problem of being unable to cope with increasingly severe high-level malicious code attacks.

Embodiment Construction

[0017] The malicious code behavior analysis device provided by an embodiment of the present invention reorganizes and restores network data streams, detects abnormal network behavior, restores, extracts and analyzes suspicious files, and places suspicious files in a sandbox template to dynamically monitor and analyze file behavior. It combines the results of static analysis and dynamic analysis to give the information security risk degree of suspicious files, which solves the current technical problem of being unable to cope with increasingly severe high-level malicious code attacks.

[0018] In order to make the purpose, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the following T...


Abstract

The invention provides a malicious code behavior analyzer which comprises a storage module, a display module, a network data flow collection and restoration module, a central processor, an integrated management module, a network flow behavior analysis engine, a file static analysis engine, a file dynamic behavior analysis engine, a WEB threat detection module, a network behavior anomaly detection module, a threat detection module, a file threat detection module, a file abnormal behavior module and a sandbox module. With the analyzer, the network data flow can be reorganized and restored, abnormal network behaviors are detected, and suspected files can be restored, extracted and analyzed, then placed in a sandbox template so that file behaviors are monitored and analyzed dynamically. The results of static analysis and dynamic analysis are combined to give the degree of information security risk of the suspected files, which solves the technical problem that increasingly serious high-level malicious code attacks cannot be handled.

Description

Technical field

[0001] The invention relates to the field of electric power technology, in particular to a malicious code behavior analysis device.

Background technique

[0002] In recent years, network security issues have become increasingly prominent, and hacker intrusions and network attacks are increasing. With the continuous popularization of computer network technology, the number of times the public uses computers is increasing. In particular, the construction of public information infrastructure has promoted the government and enterprises to increasingly rely on various information systems, and some businesses and systems related to the national economy and people's livelihood have encountered unprecedented security challenges. For example, the WikiLeaks website leaked a large amount of confidential government information; Citigroup was attacked by hackers, resulting in the theft of more than 360,000 customer account information; the CSDN website was attacked, resu...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/24, H04L29/06
CPC: H04L63/1425, H04L41/14, H04L63/1441
Inventor: 胡朝辉梁智强李书杰黄曙林丹生伍晓泉胡海生
Owner: ELECTRIC POWER RES INST OF GUANGDONG POWER GRID