Heuristic detection method and system of nested file and storage medium

This detection method applies heuristic technology in the field of network security. It addresses the problems that traditional heuristic detection consumes a lot of resources and time and is not fast enough, and it improves detection speed.

Active Publication Date: 2018-06-29
HARBIN ANTIY TECH

AI Technical Summary

Problems solved by technology

[0003] Traditional heuristic detection technology analyzes the sample entity itself, for example by analyzing its logical structure or executing it dynamically in a virtual environment. This takes a lot of resources and time, is not fast enough, and wastes resources to a certain extent.


Embodiment Construction

[0030] To enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the present invention more obvious and easier to understand, the technical solutions of the present invention are described in further detail below in conjunction with the accompanying drawings.

[0031] A heuristic detection method for nested files, as shown in Figure 1, includes:

[0032] S101: Split the acquired nested file into its component files;

[0033] S102: Acquire the file types of the split files;

[0034] S103: Regularize the file types and organize them into knowledge data;

[0035] S104: Match the knowledge data against the knowledge base; if the match succeeds, the nested file is malicious: output the detection result and end the detection; otherwise, analyze the maliciousness of the nested class file that is not successfu...
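An added sketch of steps S101 to S104 (not code from the patent): it assumes the nested file is a ZIP archive, that file types are read from leading magic bytes, and that the knowledge base is a dictionary of regularized type patterns. The function names, the patterns and the sample archive are all constructed for illustration.

```python
import io
import zipfile

# Assumed magic-byte table; the patent does not say how types are obtained.
MAGIC = [(b"MZ", "pe"), (b"%PDF", "pdf"), (b"PK\x03\x04", "zip"),
         (b"\xd0\xcf\x11\xe0", "ole"), (b"\x7fELF", "elf")]

# Hypothetical knowledge base: regularized type pattern -> reason (constructed).
KNOWLEDGE_BASE = {
    "zip:[pdf,pe]": "document bundled with an executable",
    "zip:[elf,pe]": "executables for multiple platforms in one archive",
}

def file_type(blob: bytes) -> str:
    """S102: identify a file type from its leading magic bytes."""
    for magic, name in MAGIC:
        if blob.startswith(magic):
            return name
    return "unknown"

def split_nested(data: bytes) -> list[bytes]:
    """S101: split a nested (here: ZIP) file into its member files."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return [zf.read(info) for info in zf.infolist() if not info.is_dir()]

def to_knowledge(container: str, member_types: list[str]) -> str:
    """S103: regularize the types (dedupe, sort) into one comparable record."""
    return f"{container}:[{','.join(sorted(set(member_types)))}]"

def detect(data: bytes):
    """S104: return (knowledge, reason); reason is None when nothing matches."""
    if file_type(data) != "zip":
        return None, None  # this sketch only splits ZIP containers
    knowledge = to_knowledge("zip", [file_type(m) for m in split_nested(data)])
    return knowledge, KNOWLEDGE_BASE.get(knowledge)

def make_zip(members: dict) -> bytes:
    """Build a constructed sample archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in members.items():
            zf.writestr(name, content)
    return buf.getvalue()

if __name__ == "__main__":
    sample = make_zip({"invoice.pdf": b"%PDF-1.4 ...", "viewer.exe": b"MZ\x90\x00"})
    print(detect(sample))
```

A `None` reason corresponds to the "otherwise" branch of S104: the file did not match the knowledge base and would go on to further maliciousness analysis.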


Abstract

The invention provides a heuristic detection method and system for nested files, and a storage medium. The method comprises: splitting the obtained nested file; obtaining the file types of the split files, regularizing the file types and organizing them into knowledge data; and matching the knowledge data against a knowledge base. If the match succeeds, the nested file is determined to be malicious, the detection result is output and the detection ends; if not, maliciousness analysis is conducted on the unmatched nested file. No complex logic analysis is needed, and no virtual environment is needed to execute a script. Instead, heuristic detection is conducted based on the property that a nested file in an abnormal environment will generate a threat action, so the detection speed and the detection accuracy can both be effectively improved.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a heuristic detection method, system and storage medium for nested class files.

Background technique

[0002] With the upgrading of computers and the popularization of the Internet, malicious codes are also evolving accordingly, showing a high growth trend both in quantity and in general.

[0003] The traditional heuristic detection technology analyzes the sample entity, such as analyzing the logical structure, dynamic execution in the virtual environment, etc., so as to perform heuristic detection, but it takes a lot of resources and time, is not fast enough, and wastes resources to a certain extent.

Contents of the invention

[0004] Based on the above problems, the present invention proposes a heuristic detection method, system and storage medium for nested files, and performs heuristic detection according to the type of nested files to effectively improve the det...


Application Information

IPC(8): G06F21/56, G06F17/30
CPC: G06F21/562, G06F16/2462
Inventor: 李增光, 童志明, 何公道, 肖新光
Owner: HARBIN ANTIY TECH