A Homology Analysis Method of Malicious Code Based on System Call Control Flow Graph
A technology of homology analysis and control flow graph, which is applied in the field of network security, can solve the problems of poor homology analysis ability of malicious code variants, etc., and achieve the effect of improving homology analysis ability, good abstraction, and simplified data volume
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Embodiment Construction
[0045] In the homology analysis of malicious code variants, the internal logic of malicious code processed by obfuscation techniques such as deformation and polymorphism may be disrupted, and the control flow graph of instruction blocks extracted through static analysis can be used with little value; while dynamic analysis Expenses are high. In addition, the function call graph can obtain the calling relationship between functions, but there is no timing relationship.
[0046] The present invention considers constructing a system call control flow graph, the control flow graph is a directed and unweighted graph composed of system call nodes, and the direction of the edges represents the sequential relationship of system call execution, which retains the timing relationship between system calls. Here, "system call" means that a program running in user space requests a service from the operating system kernel that requires higher privileges to run. System calls provide the inte...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com