Dynamic behavior analysis method, device, system and equipment

A dynamic behavior analysis technology, applied in the field of communication, that can solve the problem of not being able to fully stimulate the malicious behavior of samples, and achieves the effects of preventing false positives, improving security, and overcoming potential safety hazards.

Active Publication Date: 2018-02-02
ZTE CORP

AI Technical Summary

Problems solved by technology

[0007] Embodiments of the present invention provide a dynamic behavior analysis method, device, system, and equipment to at least solve the problem that the dynamic behavior analysis technology in the related art may not be able to fully stimulate the malicious behavior of samples.



Embodiment Construction

[0055] Hereinafter, the present invention will be described in detail with reference to the drawings and examples. It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined with each other.

[0056] It should be noted that the terms "first" and "second" in the description and claims of the present invention and the above drawings are used to distinguish similar objects, and are not necessarily used to describe a specific order or sequence.

[0057] Method embodiment

[0058] This embodiment proposes a solution for the situation in the related art that the execution environment of the dynamic behavior analysis engine for suspicious samples cannot be accurately matched with the actual user equipment environment. Through this solution, the equipment environment information of the user that the sample belongs to can be automatically obtained, and the dynamic behavior analysis engine can load ...


Abstract

The invention provides a dynamic behavior analysis method, device, system and equipment. The method comprises the steps of collecting a sample file and obtaining environment information corresponding to the sample file; configuring or selecting a matching mirror image environment according to the environment information; and carrying out dynamic behavior analysis of the sample file in the mirror image environment. The method, device, system and equipment solve the problem in the related art that dynamic behavior analysis technology may not fully excite the malicious behavior of a sample: the malicious behavior of the sample can be fully excited during detection, underreporting caused by differences between the detection environment and the actual environment is avoided, a potential safety hazard is overcome, and the security of the user network is improved.
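The "configure or select a matching image" step from the abstract, sketched as an added example that is not taken from the patent. The environment fields, the image names and the matching rule (exact platform match, then most shared software) are assumptions, and the catalogue is constructed sample data.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Env:
    """Environment information reported with a sample (assumed fields)."""
    os: str
    os_version: str
    arch: str
    software: frozenset = frozenset()  # {(product, version), ...}


# Constructed catalogue of prepared analysis images; names are hypothetical.
IMAGES = {
    "win7sp1-x86-office2010": Env("windows", "7sp1", "x86",
                                  frozenset({("office", "2010"), ("reader", "9.0")})),
    "win7sp1-x86-office2007": Env("windows", "7sp1", "x86",
                                  frozenset({("office", "2007"), ("reader", "9.0")})),
    "win10-x64-office2016": Env("windows", "10", "x64",
                                frozenset({("office", "2016")})),
}


def plan_image(target, images=IMAGES):
    """Return (image_name, to_install) for the sample's source environment.

    The platform (OS, version, architecture) must match exactly. Among the
    images that do, the one sharing the most installed software is selected;
    anything still missing has to be configured before the analysis run.
    image_name is None when no prepared image fits and one must be built.
    """
    platform = (target.os, target.os_version, target.arch)
    candidates = [
        (len(env.software & target.software), name)
        for name, env in images.items()
        if (env.os, env.os_version, env.arch) == platform
    ]
    if not candidates:
        return None, sorted(target.software)
    # Highest overlap wins; ties break on name so the choice is reproducible.
    _, best = max(candidates)
    return best, sorted(target.software - images[best].software)


if __name__ == "__main__":
    # Constructed report: the endpoint the sample came from.
    user = Env("windows", "7sp1", "x86",
               frozenset({("office", "2010"), ("flash", "11.2")}))
    print(plan_image(user))
```
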

Description

Technical field

[0001] The present invention relates to the communication field, in particular, to a dynamic behavior analysis method, device, system and equipment.

Background technique

[0002] Major network security incidents such as the Aurora attack, the Stuxnet attack, the Night Dragon attack, and the RSA token seed theft have brought into the public eye a type of attack with advanced attack methods, long duration, and clear attack targets: the APT (Advanced Persistent Threat) attack. This type of attack not only uses traditional viruses and Trojan horses as attack methods, but also conducts "pilot attacks" through social engineering methods such as emails, sending users carefully constructed files that use 0-Day vulnerabilities. Once the user opens the relevant file, the vulnerability will be triggered, the attack code will be injected into the user's system, and subsequent operations such as downloading other viruses and Trojans will be performed to ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1416, H04L9/40
Inventor: 王静, 马苏安, 王继刚
Owner: ZTE CORP