Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Malicious application detection method and system

A malicious application and detection method technology, applied in the field of mobile Internet, can solve the problems of normal software false positives, effect depends, and large number, etc., to reduce false positive rate, improve accuracy, and solve the effect of high false positive rate.

Active Publication Date: 2017-04-05
卓望数码技术(深圳)有限公司
View PDF7 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

It is easy to detect and kill normal software with certain characteristic codes as threats, and some normal software will be falsely reported
[0009] (2) The analysis and extraction of gene signature codes is extremely difficult and requires very professional technicians, and the quality of signature code extraction greatly affects the final judgment of malicious applications. Therefore, this method has a lot of human influence factors, and its effect depends on The quality of safety professional and technical personnel
[0010] (3) A large number of samples are required for analysis. Before the gene signature code is analyzed and extracted, the spread of malicious applications cannot be dealt with. Considering the characteristics of mobile terminal malicious applications that mutate quickly and the propagation period is short, this method cannot effectively solve the problem of malicious applications. killing problem
[0014] (2) Low operating efficiency
[0017] (1) Artificial intelligence is a process that requires continuous learning. Only when there are enough malicious application samples, the artificial intelligence engine can complete its own learning process, thereby improving the behavior signature code, so this technology lags behind the spread of malicious applications
[0018] (2) The algorithm model of artificial intelligence is very complex, and the characteristics of malicious applications are changeable. It is very difficult to design a good learning model, and often one model cannot meet the needs of all applications
[0019] (3) On mobile terminals, malicious application variants are characterized by large numbers, rapid changes, and short propagation time. One variant may disappear after only a few days of transmission, and another variant will appear. Under this characteristic, the efficiency of using artificial intelligence very low
[0020] In short, in the new situation of mobile Internet business, the number of mobile terminals has greatly exceeded the number of PC terminals, and mobile applications will become the most important application form in the future. The malicious application detection method used in the PC era can no longer meet the needs. A brand-new solution can protect the interests of users, ensure the security of users' information, and promote the sustainable development of the industrial chain

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious application detection method and system
  • Malicious application detection method and system
  • Malicious application detection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0067] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0068] figure 1 A schematic structural diagram of a malicious application detection system 100 according to an embodiment of the present invention is shown. Such as figure 1 As shown, the malicious application detection system 100 is mainly composed of a static heuristic scanning subsystem 110, a similarity analysis subsystem 120, a malicious behavior information database 130, a white list database 140, a misjudgment information database 150, a malicious application sample database 160, and a normal application database. library 170, suspected malicious application library 180 and malicious appli...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a malicious application detection method and system. The method comprises the steps of S1, performing static code scanning on a received to-be-detected application, analyzing whether the application has a malicious behavior conforming to any malicious behavior information in a malicious behavior information library or not based on three dimensions of right application, function call and information output, if the malicious behavior exists, marking the application as a suspected malicious application, and if the malicious behavior does not exist, marking the application as a normal application; and S2, performing application name, package name, signature certificate, directory structure, text file and image file-based similarity analysis between the application marked as the suspected malicious application and a malicious application sample in a malicious application sample library, and marking the application with the similarity conforming to a set value as a malicious application. According to the method and the system, the performance bottleneck of loading the application through a virtual machine for execution and analysis is avoided, the false alarm rate is effectively reduced, and the accuracy of identification is improved.

Description

technical field [0001] The present invention relates to mobile Internet technologies, and more specifically, to a method and system for detecting malicious applications. Background technique [0002] With the popularization of mobile smart terminals and the vigorous development of mobile Internet services, the number of mobile application software is showing a rapid growth trend. The subversive changes caused by mobile smart terminals have opened the prelude to the development of the mobile Internet industry. Smart terminals have changed people's work and lifestyle, and the security of mobile application software is also facing a severe situation. [0003] The rapid growth of mobile application software has brought a large-scale flood of various pirated, malicious applications, viruses and other applications. Compared with traditional PC terminals, the characteristics of malicious applications on mobile terminals are more obvious. Malicious application variants are very fas...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56
CPCG06F21/562G06F2221/033
Inventor 周建宁沈岩王巍刘志诚
Owner 卓望数码技术(深圳)有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com