Automatic malicious code variation detection method

A malicious code detection method, applied in the fields of instruments, electrical digital data processing, and platform integrity maintenance, that can solve the problem of increasing time consumption in malicious code detection.

Inactive Publication Date: 2018-08-28
BEIJING UNIV OF TECH

AI Technical Summary

Problems solved by technology

However, malicious code writers have applied various obfuscation methods or intrusion methods in order to evade detection rules, so that malicious code detection programs need to constantly update the static or dynamic...

Examples

Embodiment approach

[0034] This section describes a specific embodiment of the present invention in detail. The implementation environment is an Ubuntu 14.04 host with 8 GB of memory and a 1 TB hard disk. The development environment is Python 3.5.3, the back-end database is MySQL, and the detection model used by the malicious code variant detection system is a model trained with the deep-learning-based malicious code variant detection method. The malicious code variant detection system follows the MVC design pattern; the implementation diagram of the design pattern is shown in Figure 2.

[0035] MVC is a software design paradigm. It organizes code by separating business logic, data, and interface display, and gathers the business logic into one component. When the interface and user interaction need to be improved or customized, the business logic does not need to be rewritten, which reduces coding time. The emergence of MVC not onl...


Abstract

The invention discloses an automatic malicious code variation detection method. The method comprises the following steps: feeding a to-be-detected program into a program quality detection system, which checks whether the to-be-detected program is a strictly executable program by verifying simple features such as the size, suffix and naming rule of the program; storing each to-be-detected program that passes the program quality detection system in a database and handing it over to a malicious code variation detection system for detection; and, if the quantity of newly detected malicious codes stored in the database system reaches a preset threshold value, firing a trigger set in the database system so that an automatic fine-tuning system starts work. The method flexibly applies software component technology to the design and development of the systems, which improves their reliability, extensibility and maintainability, realizes a malicious code variation detection system with complete functionality, and improves on the current practice of manually selecting malicious code detection features.
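The three stages described in the abstract (quality gate, store and classify, threshold trigger) can be sketched as follows. This is an added example, not code from the patent: SQLite stands in for the MySQL database, the `classify` callable stands in for the trained deep-learning model, and the size limit, suffix list, naming rule, table names and the `used` flag are all assumptions.

```python
import re
import sqlite3
# Assumed gate policy: the page names the checks, not their values.
MAX_SIZE = 10 * 1024 * 1024
ALLOWED_SUFFIXES = (".exe", ".dll", ".apk")
NAME_RULE = re.compile(r"[A-Za-z0-9_.-]{1,128}")

SCHEMA = """
CREATE TABLE config (threshold INTEGER NOT NULL);
CREATE TABLE samples (id INTEGER PRIMARY KEY, name TEXT NOT NULL,
    malicious INTEGER NOT NULL, used INTEGER NOT NULL DEFAULT 0);
CREATE TABLE finetune_jobs (id INTEGER PRIMARY KEY, sample_count INTEGER);
-- SQLite stand-in for the MySQL trigger; the 'used' flag is an assumption.
CREATE TRIGGER start_finetune AFTER INSERT ON samples
WHEN NEW.malicious = 1 AND (SELECT threshold FROM config) <=
    (SELECT COUNT(*) FROM samples WHERE malicious = 1 AND used = 0)
BEGIN
    INSERT INTO finetune_jobs (sample_count)
        SELECT COUNT(*) FROM samples WHERE malicious = 1 AND used = 0;
    UPDATE samples SET used = 1 WHERE malicious = 1 AND used = 0;
END;
"""

def quality_check(name, data):
    """Return a rejection reason, or None if the upload passes the gate."""
    if not 0 < len(data) <= MAX_SIZE:
        return "size"
    if not NAME_RULE.fullmatch(name):
        return "name"
    if not name.lower().endswith(ALLOWED_SUFFIXES):
        return "suffix"
    return None

def open_db(threshold):
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.execute("INSERT INTO config VALUES (?)", (threshold,))
    return db

def submit(db, name, data, classify):
    """Gate, classify and store one upload; rejected uploads are not stored."""
    reason = quality_check(name, data)
    if reason:
        return "rejected:" + reason
    verdict = 1 if classify(data) else 0
    db.execute("INSERT INTO samples (name, malicious) VALUES (?, ?)", (name, verdict))
    return "malicious" if verdict else "benign"

def finetune_jobs(db):
    return [n for (n,) in db.execute("SELECT sample_count FROM finetune_jobs")]
```

Because the trigger marks counted samples as used, each fine-tuning job is queued once per batch of new malicious samples rather than on every insert after the threshold is first reached.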

Description

Technical field

[0001] The invention belongs to the field of information security and relates in particular to a malicious code variant detection method, which is a malicious code protection technology.

Background technology

[0002] In recent years, the number of malicious programs on the Internet has continued to grow rapidly. Classified according to their malicious behavior, the top three are rogue behavior, malicious deduction and tariff consumption. Although the distribution of malicious programs is strictly controlled under the guidance of the Ministry of Industry and Information Technology, the number of malicious programs distributed through informal platforms continues to grow. At the same time, the number of malicious code variants has increased sharply, and malicious code authors spend more time making minor changes or packaging for further propagation and evasion of detection. Different practical and effective solutions need to be provided for di...


Application Information

IPC(8): G06F21/55, G06F21/56
CPC: G06F21/552, G06F21/562, G06F21/566
Inventors: 赵建峰, 宁振虎, 薛菲, 王玮
Owner: BEIJING UNIV OF TECH