Virus detection method, apparatus, device and medium for portable executable file

A virus detection and file execution technology, applied in computer security devices, instruments, electrical digital data processing, etc., that can solve problems such as outdated virus detection technology and removes the detection lag.

Inactive Publication Date: 2018-12-21
中国人民解放军61660部队

AI Technical Summary

Problems solved by technology

This detection method has an inevitable lag, and virus detect

Embodiment Construction

[0036] The characteristics and exemplary embodiments of various aspects of the present invention will be described in detail below. In order to make the purpose, technical solutions and advantages of the present invention more clear, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is only to provide a better understanding of the present invention by showing examples of the present invention.

[0037] It should be noted that, in this document, the terms "comprising", "comprising" or any other variation thereof are intended to cover a non-exclusive inclusion such that a process, ...

Abstract

The invention provides a virus detection method, apparatus, device and medium for portable executable (PE) files. The method comprises the following steps: static features of known viruses and normal programs are extracted with a static feature extraction method to form a feature set, where the static features include PE file attribute features and instruction sequence features; the feature set is used as the training set, and multiple groups of training data are randomly selected from the training set to train the detection model; the static feature extraction method is used to extract the static features of the file to be checked; those static features are input into the trained detection model, and the detection result output by the trained detection model is obtained. The invention solves the problem that traditional virus detection lags behind, and achieves the technical effect that a new virus or virus variant can be detected immediately.
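As an added illustration (not code from the patent), the Python sketch below shows what the PE file attribute half of the static feature extraction could look like. The abstract does not say which attributes are used, so the fields chosen here, the function names and the constructed header-only sample image are all assumptions.

```python
import struct

SECTIONS = [(b".text", 0x60000020), (b".data", 0xC0000040)]  # constructed sample

def build_sample_pe(sections=SECTIONS, characteristics=0x0102):
    """Constructed header-only PE32 image (no code), used as offline sample input."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x014C, len(sections), 0x5B000000, 0, 0,
                       0xE0, characteristics)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x010B)                   # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                  # AddressOfEntryPoint
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, 0x1000, 0x1000 * (i + 1),
                                 0x200, 0x400, 0, 0, 0, 0, f)
                     for i, (n, f) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table

def extract_pe_attributes(data):
    """Return header-derived static features; raise ValueError on malformed input."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    if pe_off + 24 > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsec, stamp, _, _, opt_size, chars = struct.unpack_from(
        "<HHIIIHH", data, pe_off + 4)
    opt_off = pe_off + 24                    # optional header follows COFF header
    sec_off = opt_off + opt_size             # section table follows optional header
    if opt_size < 20 or sec_off + 40 * nsec > len(data):
        raise ValueError("truncated headers")
    (entry,) = struct.unpack_from("<I", data, opt_off + 16)
    wx = 0                                   # sections both writable and executable
    for i in range(nsec):
        (flags,) = struct.unpack_from("<I", data, sec_off + 40 * i + 36)
        wx += bool(flags & 0x20000000) and bool(flags & 0x80000000)
    return {"machine": machine, "number_of_sections": nsec, "timestamp": stamp,
            "is_dll": int(bool(chars & 0x2000)), "entry_point_rva": entry,
            "writable_executable_sections": wx}

if __name__ == "__main__":
    print(extract_pe_attributes(build_sample_pe()))
```

The returned dictionary is one row of the feature set; the instruction sequence features named in the abstract would need a disassembler and are not covered here.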

Description

Technical field

[0001] The present invention relates to the field of virus detection, in particular to a virus detection method, device, equipment and medium for portable executable files.

Background

[0002] Explanation of terms:

[0003] Apache Spark is a fast, general-purpose computing engine designed for large-scale data processing. Spark is a general-purpose parallel framework similar to Hadoop MapReduce, open-sourced by the UC Berkeley AMP Lab (AMP Lab of the University of California, Berkeley). Spark has the advantages of Hadoop MapReduce, but unlike MapReduce, the intermediate output of a job can be kept in memory, with no need to read and write HDFS, so Spark is better suited to data mining, machine learning and other MapReduce algorithms that require iteration.

[0004] Spark is an open source cluster computing environment similar to Hadoop, but there are some useful differences between the two that make Spark superior for certain...

Application Information

IPC(8): G06F21/56
CPC: G06F21/562
Inventor 黄河刘伟李智李杰王学慧汪文晓蔡天伦杜英鹏
Owner 中国人民解放军61660部队