Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for evaluating code file security

A code file and security technology, applied in the field of computer software, can solve problems such as low accuracy and low detection efficiency of security detection schemes, and achieve the effect of improving accuracy and detection efficiency

Active Publication Date: 2020-09-04
ALIBABA GRP HLDG LTD
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0012] Embodiments of the present invention provide a method and device for evaluating the security of code files, so as to at least solve the technical problems of low detection efficiency and low accuracy of the security detection scheme for webshell code files provided in the related art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for evaluating code file security
  • Method and device for evaluating code file security
  • Method and device for evaluating code file security

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0056] According to an embodiment of the present invention, an embodiment of a method for evaluating the security of a code file is also provided. It should be noted that the steps shown in the flow chart of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions , and, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0057] The method embodiment provided in Embodiment 1 of the present application may be executed in a mobile terminal, a computer terminal, or a similar computing device. Take running on a computer terminal as an example, figure 1 It is a block diagram of the hardware structure of a computer terminal of a method for evaluating the security of a code file according to an embodiment of the present invention. like figure 1 As shown, the computer terminal 10 may include one or more (onl...

Embodiment 2

[0113] According to an embodiment of the present invention, a device embodiment for implementing the above method for evaluating code file security is also provided. Figure 4 It is a structural block diagram of a device for evaluating code file security according to an embodiment of the present invention. like Figure 4 As shown, the device includes: a parsing module 10 for parsing variable functions and assignment expressions from the code file to be detected; a restoration module 20 for restoring direct call functions and original call functions according to variable functions and assignment expressions Function; evaluation module 30, configured to evaluate the security of the code file by using a preset safety factor corresponding to the directly called function and a preset safety factor corresponding to the original called function.

[0114]The technical solutions provided by the embodiments of the present invention can be applied to webshell static detection of PHP scr...

Embodiment 3

[0126] Embodiments of the present invention may provide a computer terminal, and the computer terminal may be any computer terminal device in a group of computer terminals. Optionally, in this embodiment, the foregoing computer terminal may also be replaced with a terminal device such as a mobile terminal.

[0127] Optionally, in this embodiment, the foregoing computer terminal may be located in at least one network device among multiple network devices of the computer network.

[0128] Optionally, Figure 7 It is a structural block diagram of a computer terminal according to an embodiment of the present invention. like Figure 7 As shown, the computer terminal may include: one or more (only one is shown in the figure) processors and memory.

[0129] Wherein, the memory can be used to store software programs and modules, such as the program instructions / modules corresponding to the method and device for evaluating the security of code files in the embodiment of the present ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a device for evaluating code file safety. The method comprises the following steps that: analyzing a variable function and an assignment expression from a code file to be detected; according to the variable function and the assignment expression, reducing a direct calling function and an original calling function; and through a preset safety coefficient corresponding to the direct calling function and a safety coefficient corresponding to the original calling function, evaluating the code file safety. By use of the method, the technical problem that a safety detection scheme which is provided in the relevant art and aims at a webshell code file is low in defection efficiency and low in accuracy can be solved.

Description

technical field [0001] The invention relates to the field of computer software, in particular to a method and device for evaluating the security of code files. Background technique [0002] The meaning of "web" is that the server opens web services, and the meaning of "shell" is to obtain a certain degree of operating authority on the server. A webshell is usually a command execution environment that exists in the form of web pages such as asp, php, jsp, or cgl, and can also be called a web page backdoor. After hackers invade a website, they usually mix the asp or php backdoor files with the normal webpage files in the web directory of the website server, and then they can use the browser to access the asp or php backdoor to achieve the purpose of controlling the website server . [0003] Since webshell mostly appears in the form of dynamic scripts, it is essentially a page of the website, but because its functions go far beyond the scope of operations allowed by a page, i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/563
Inventor 吴阳波朱东海
Owner ALIBABA GRP HLDG LTD