Malicious software identification method and apparatus, and electronic device

A malicious software identification technology, applied in computer security devices, electrical digital data processing, instruments, etc. It addresses the problems of a single detection method, misjudgment, and influences on static detection results, achieving more comprehensive identification and improved accuracy.

Active Publication Date: 2018-11-02
上海戎磐网络科技有限公司

AI Technical Summary

Problems solved by technology

Most of the malware identification schemes in the prior art are based on static identification: the software code is analyzed as a whole and compared with known malicious code to judge whether it contains malicious code. Relying on this single detection method often results in incomplete identification and unstable detection results. For example, packed samples affect the results of static detection to a certain extent, resulting in misjudgment.



Examples


Embodiment Construction

[0044] In order to make the purposes, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments are a part of the embodiments of this application, not all of them. The components of the embodiments of the application generally described and illustrated in the figures herein may be arranged and designed in a variety of different configurations.

[0045] Accordingly, the following detailed description of the embodiments of the application provided in the accompanying drawings is not intended to limit the scope of the claimed application, but merely represents selected embodiments of the application. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art w...


Abstract

The invention provides a malicious software identification method and apparatus, and an electronic device. The method comprises the following steps: obtaining to-be-identified software and performing decompilation on the to-be-identified software to obtain a to-be-processed code; splitting the to-be-processed code into multiple code gene fragments according to a location where a code for calling a system API is located in the to-be-processed code; detecting the multiple code gene fragments by using a first random forest model to obtain a static detection result; running the to-be-identified software in a sandbox virtual environment to obtain the system API called by the to-be-identified software, detecting the system API called by the to-be-identified software by using a second random forest model, judging whether a malicious behavior exists in a dynamic operation process of the to-be-identified software, and obtaining a dynamic detection result; and judging whether the to-be-identified software is malicious software according to the static detection result and the dynamic detection result. Therefore, the identification accuracy of malicious software can be effectively improved, and malicious software can be more comprehensively identified.
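The fragment-splitting step of the static branch, sketched as an added example that is not code from the patent or its applicant. It assumes the to-be-processed code is an x86-style listing, that a fragment ends at the line calling a system API, and that each fragment is turned into opcode counts as classifier input; the API set, the sample listing and all function names are constructed for illustration.

```python
import re
from collections import Counter

# Assumed set of system APIs of interest (constructed for this example).
SYSTEM_APIS = {"CreateFileW", "WriteFile", "RegSetValueExW", "CreateRemoteThread"}
CALL_RE = re.compile(r"\bcall\s+(?:ds:)?(\w+)")
OPCODES = ("push", "mov", "call", "xor", "pop", "ret")

# Constructed listing standing in for the decompiled to-be-processed code.
SAMPLE = """\
push ebp
mov ebp, esp
call ds:CreateFileW
mov [ebp-4], eax
call sub_401000
push eax
call ds:WriteFile
xor eax, eax
call ds:RegSetValueExW
pop ebp
ret
"""

def split_fragments(code, apis=SYSTEM_APIS):
    """Cut the listing after every line that calls a system API.

    Returns a list of (api_name_or_None, lines). Calls to internal
    routines do not end a fragment; a trailing run without a system
    API call is kept with api_name None so no code is dropped.
    """
    fragments, current = [], []
    for raw in code.splitlines():
        line = raw.strip()
        if not line:
            continue
        current.append(line)
        match = CALL_RE.search(line)
        if match and match.group(1) in apis:
            fragments.append((match.group(1), current))
            current = []
    if current:
        fragments.append((None, current))
    return fragments

def fragment_features(fragment, vocab=OPCODES):
    """Fixed-length opcode-count row for one fragment (assumed feature set)."""
    _api, lines = fragment
    counts = Counter(line.split()[0] for line in lines)
    return [counts.get(op, 0) for op in vocab]

if __name__ == "__main__":
    for frag in split_fragments(SAMPLE):
        print(frag[0], fragment_features(frag))
```

Each row returned by `fragment_features` is the kind of fixed-length input a random forest classifier takes; training the model and combining its output with the dynamic result are outside this sketch.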

Description

Technical field

[0001] The present application relates to the technical field of software security, and in particular, to a malware identification method, device and electronic equipment.

Background technique

[0002] With the continuous development of information technology, more and more software is applied to various electronic devices, and various software content providers are becoming more and more complicated. Correspondingly, the requirements for software security are also getting higher and higher. In the field of software security technology, it is often necessary to detect and identify unknown software to determine whether the software is malicious software. Most of the malware identification schemes in the prior art are based on static identification, that is, to analyze the software code as a whole, compare the software code with known malicious code, and judge whether there is malicious code in the software code. Singleness often leads to incomplete identifica...


Application Information

Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPC: G06F21/563, G06F21/566
Inventor 刘旭胡逸漪章丽娟
Owner 上海戎磐网络科技有限公司