A malicious program identification method and electronic device
A malicious program and identification method technology, applied in the computer field, can solve problems such as accurate identification of malicious programs, and achieve high recognition efficiency and high recognition accuracy
Active Publication Date: 2021-03-30
北斗智谷(北京)安全技术有限公司
View PDF7 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0005] In view of this, the present invention provides a malicious program identification method and electronic equipment, which are used to solve the problem of how to efficiently and accurately identify malicious programs in the prior art when malicious programs are modified
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0032] The present invention is described below based on examples, but the present invention is not limited to these examples. In the following detailed description of the invention, some specific details are set forth in detail. The present application can be fully understood by those skilled in the art without the description of these detailed parts. In addition, those of ordinary skill in the art should understand that the drawings provided herein are for illustration purposes only.
[0033] Unless the context clearly requires, throughout the specification and claims, "comprises", "comprises" and similar words should be interpreted in an inclusive sense rather than an exclusive or exhaustive meaning; that is, "including but not limited to" meaning.
[0034] In the description of the present invention, it should be understood that the terms "first", "second" and so on are used for descriptive purposes only, and cannot be interpreted as indicating or implying relative impor...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention provides a malicious program identification method and an electronic device, which are used for solving the problem of how to efficiently and accurately identify the malicious program when the malicious program is varied in the prior art, and includes parsing the received first program to determine at least one system application program interface API data combination called by the first program, wherein the system API data combination includes a name of the system API, an address of the calling system API, and a pointer to the system API. Matching any system API data combinationof the at least one system API data combination with eigenvalues in a query feature library according to a set condition; Determining the number of successfully matched system API data combinations in the at least one system API data combination; If the number of successfully matched system API data combinations is equal to the first set threshold, judging the first program judged to be a malicious program.
Description
technical field [0001] The invention relates to the technical field of computers, in particular to a malicious program identification method and electronic equipment. Background technique [0002] With the development of Internet technology, it has brought great convenience to users' lives, but due to the emergence of malicious programs, it has also brought troubles and infringements to users, for example, the recently popular ransomware, Internet worms, And malicious mining programs, resulting in loss of user property. Malicious program detection engine identifies malicious programs to protect the security of users. However, malicious programs have appeared endlessly and their variants have changed frequently. It is difficult for the malicious program detection engine to identify malicious program variants. As a result, the malicious program detection device used by users cannot Responding in a timely manner to the latest variants of malicious programs cannot guarantee the...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/563
Inventor 秦梦姣
Owner 北斗智谷(北京)安全技术有限公司