Malware detection method based on software genetic technology

A malware detection method, applied in the field of information security, that addresses insufficient malware identification and achieves the effect of reducing the false negative rate.

Inactive Publication Date: 2018-12-04
PEKING UNIV

AI Technical Summary

Problems solved by technology

However, with the increasingly common application of network technology, the explosive development of software diversity and the arrival of the era of big data, the existing traditional malware detection methods relying on feature value detection are not enough to identify malware well.


Specific embodiment

[0029] Figure 1 shows the flow of the method provided by the present invention. The specific embodiment of the present invention is as follows:

[0030] Step 1. On the client side, upload the local sample to be tested. Local samples to be detected may be script files, executable files, and the like.

[0031] Step 2. On the server side, perform gene extraction on the sample to be tested, including extraction of dependencies of each module and extraction of API call information, to obtain the genome of the sample to be tested.

[0032] For the extraction of the dependencies of each module, the present invention uses the Understand tool. Understand can automatically generate the dependency information of each module of the program; the generated module dependency data is sorted and exported as a CSV (comma-separated values) file, which forms part of the sample genome.

[0033] For the extraction of API call infor...


Abstract

The invention discloses a malware detection method based on software genetic technology. The method comprises: performing gene extraction on a to-be-detected sample, comparing the extracted genome with a zombie-trojan-worm virus family gene pool, and calculating similarity, thereby identifying whether the to-be-detected sample is malware. The method can be used as an auxiliary means of malware detection and effectively reduces the missed-detection rate of existing malware detection methods.
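The pipeline described in the abstract and in steps [0031] and [0032], sketched as an added example that is not taken from the patent: a module-dependency CSV and an API call list are merged into a genome and scored against family gene pools. The CSV column names, the Jaccard metric, the 0.5 threshold, and all family names and genes are assumptions constructed for illustration; the page does not state the patent's similarity formula.

```python
import csv
import io

# Constructed inputs. The CSV column names are assumptions, not the real
# export format of the Understand tool; family names and genes are made up.
SAMPLE_DEPS_CSV = "from_module,to_module\nmain.c,net.c\nmain.c,persist.c\nnet.c,crypto.c\n"
SAMPLE_API_CALLS = ["socket", "connect", "recv", "CreateProcessA", "RegSetValueExA"]
GENE_POOL = {
    "constructed-trojan-family": {
        "dep:main.c->net.c", "dep:net.c->crypto.c",
        "api:socket", "api:connect", "api:recv", "api:CreateProcessA",
    },
    "constructed-worm-family": {
        "dep:scan.c->exploit.c",
        "api:socket", "api:connect", "api:send", "api:WriteProcessMemory",
    },
}

def extract_genome(deps_csv, api_calls):
    """Merge module-dependency edges and API call names into one gene set."""
    genes = set()
    for row in csv.DictReader(io.StringIO(deps_csv)):
        src = (row.get("from_module") or "").strip()
        dst = (row.get("to_module") or "").strip()
        if src and dst:  # skip malformed or truncated rows
            genes.add(f"dep:{src}->{dst}")
    genes.update(f"api:{name}" for name in api_calls if name)
    return genes

def similarity(genome, family_genes):
    """Jaccard index (assumed metric): shared genes / all distinct genes."""
    union = genome | family_genes
    return len(genome & family_genes) / len(union) if union else 0.0

def classify(genome, pool, threshold=0.5):
    """Return (best family or None, per-family scores); threshold is assumed."""
    scores = {family: similarity(genome, genes) for family, genes in pool.items()}
    best = max(scores, key=scores.get, default=None)
    if best is None or scores[best] < threshold:
        return None, scores
    return best, scores

if __name__ == "__main__":
    genome = extract_genome(SAMPLE_DEPS_CSV, SAMPLE_API_CALLS)
    family, scores = classify(genome, GENE_POOL)
    print(family, {k: round(v, 3) for k, v in scores.items()})
```

Because the method is positioned as an auxiliary check, a `None` result here means only that no family similarity reached the threshold, not that the sample is clean.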

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a malware detection method based on software gene technology.

Background technique

[0002] With the rapid development of information technology, data has undoubtedly become a valuable resource. At the same time, the accompanying information security issues have become increasingly prominent.

[0003] In recent years, information security incidents such as data loss, information leakage, and system paralysis caused by malicious software have emerged in an endless stream, which has greatly affected personal privacy, corporate credit, and even national security. Therefore, it is more and more important to detect and identify malware. However, the increasingly common application of network technology, the explosive development of software diversity and the arrival of the era of big data make the existing traditional malware detection methods relying on feature value d...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56
CPC: G06F21/562
Inventor: 文伟平, 杨芳芳
Owner: PEKING UNIV