Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for detecting target sample file

A detection method and sample technology, applied in the Internet field, can solve problems such as threats to user information security, user personal and property damage, etc.

Inactive Publication Date: 2017-05-10
BEIJING QIHOO TECH CO LTD +1
View PDF5 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there are system-level kernel vulnerabilities in the current Internet technology. These vulnerabilities provide opportunities for malicious developers. Malicious developers use these vulnerabilities to attack terminals where various clients and servers are located through threat sample files. Obtain the user's personal information, threaten the user's information security, and cause the user's personal and property losses

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for detecting target sample file
  • Method and device for detecting target sample file

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0072] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0073] figure 1 A flow chart of a method for detecting a target sample file according to an embodiment of the present invention is shown. Such as figure 1 As shown, the method includes:

[0074] Step S110, receiving the target sample file from the data source, and putting the target sample file into the sandbox for running.

[0075] Step S120, during the running process of the target sample file in the sandbox, monitor whether a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for detecting a target sample file. The method includes the steps that the target sample file is received from a data source, and the target sample file is put in a sandbox to run; in the process that the target sample file runs in the sandbox, whether a bitmap object attribute modification event happens in a sandbox kernel or not is monitored; if yes, it is determined that the target sample file is a threat sample file; or else, it is determined that the target sample file is the threat sample file. According to the scheme, the sandbox serves as a virtual carrier to run the target sample file, all running tracks of the target sample file can be clearly detected, feature information associated with the target sample file are comprehensively analyzed and obtained, whether a process attribute modification event happens or not in the process that the target sample file runs in a virtual machine can be more accurately judged according to the feature information associated with the target sample file, then the threat sample file is determined, and reference and a basis are provided for following information security protection.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a method and device for detecting target sample files. Background technique [0002] With the continuous development of Internet technology, people use the Internet more and more frequently. Through the Internet, various matters such as work, study, life, and entertainment can be carried out, which brings great convenience to people. However, there are system-level kernel vulnerabilities in the current Internet technology. These vulnerabilities provide opportunities for malicious developers. Malicious developers use these vulnerabilities to attack terminals where various clients and servers are located through threat sample files. Obtain the user's personal information, threaten the user's information security, and cause the user's personal and property losses. In particular, in the process of exploiting vulnerabilities through threat sample files, malicious developers ofte...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/53
CPCG06F21/53
Inventor 邱鹏
Owner BEIJING QIHOO TECH CO LTD