Method and device for extracting sample code characteristics

A code and sample technology, applied in the field of intelligent terminal security, can solve the problems of limited number of virus features, low efficiency and low accuracy, and achieve the effect of perfecting virus features and improving the effect of antivirus

Active Publication Date: 2017-06-30
北京鸿享技术服务有限公司
View PDF11 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in the prior art, the virus characteristics in the virus database are obtained by manually analyzing black samples (i.e. virus samples) and white samples (i.e. non-virus samples). Due to the low efficiency of manual analysis methods, As a result, the virus signatures contained in the final virus database are limited and the accuracy is not high, resulting in poor virus killing effect of antivirus applications

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for extracting sample code characteristics
  • Method and device for extracting sample code characteristics
  • Method and device for extracting sample code characteristics

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] In order to make the purpose, technical solution and advantages of the present application clearer, the technical solution of the present application will be clearly and completely described below in conjunction with specific embodiments of the present application and corresponding drawings. Apparently, the described embodiments are only some of the embodiments of the present application, rather than all the embodiments. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0052] Taking the Android operating system as an example, it includes an application program layer (app layer) and a system framework layer (framework layer). As for other layers that may be included in terms of functional division, this application will not discuss it. Among them, usually the app layer can be understood as the upper layer, which is r...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and device for extracting sample code characteristics. The method comprises the steps that virtual machine execution files of black samples and white samples which are contained in a sample set are obtained; decompilation is conducted on the virtual machine execution files corresponding to the black samples and the white samples, and a function information structure subjected to decompilation is obtained; function instruction sequences in the function information structure subjected to decompilation are extracted; instruction sequence fragments which are contained in the function instruction sequences corresponding to the black samples in the sample set and are not contained in the function instruction sequences corresponding to the white samples in the sample set are determined one by one, and a fragment set containing the instruction sequence fragments is obtained; at least one optimal instruction sequence fragment is determined on the basis of the instruction sequence fragments contained in the fragment set. By means of the scheme, virus characteristics contained in a virus database which is finally established can be more perfect, and then the antivirus effect of antivirus applications is improved.

Description

technical field [0001] The present application relates to the technical field of smart terminal security, in particular to a method and device for extracting sample code features. Background technique [0002] With the development of science and technology, smart terminals have more and more functions. For example, people's mobile phones have shifted from traditional GSM and TDMA digital mobile phones to smart phones that can handle multimedia resources and provide various information services such as web browsing, conference calls, and e-commerce. However, more and more types of malicious code attacks on mobile phones and increasingly severe personal data security issues have followed, and more and more mobile phone viruses have caused smartphone users to suffer. [0003] At present, the antivirus technology for various smart terminals is mainly based on the character string of the virtual machine execution file of the application program, and the extracted character strin...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F9/45
CPCG06F8/53G06F21/563
Inventor 杨康陈卓唐海
Owner 北京鸿享技术服务有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap