Software detection method, device, equipment and storage medium

A software detection and software technology, which is applied in the detection field, can solve problems such as difficulty in coping with the massive confusion of virus generators, difficulties in word segmentation and segmentation of character strings, and inconsistencies in the number of features, so as to improve the accuracy of discrimination, reduce the difficulty of training, and increase the speed of training Effect
CN109359439BActive Publication Date: 2019-12-13BEIJING TOPSEC NETWORK SECURITY TECH +2
6 Cites 0 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
BEIJING TOPSEC NETWORK SECURITY TECH
Publication Date
2019-12-13

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a software detection method, device and appartus and a storage medium. The method comprises the following steps of: extracting numerical type features and non-numerical type features contained in each sample in a software sample library; processing the non-numeric features by using the selected N non-encrypted hashing algorithms, and converting the processing results into numeric features; The N is an integer greater than 1; constructing a feature matrix according to the numeric feature contained in each sample and the numeric feature converted; training a machine learning classifier using the feature matrix; using the machine learning classifier, the target software is detected. The invention can convert the complex character string feature extracted from the malicious software sample into the hash feature which is easy to be processed by the machine learning algorithm, thereby reducing the difficulty of the model training, remarkably improving the training speed, reducing the space overhead and improving the malicious software discrimination accuracy.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the technical field of detection, in particular to a software detection method, device, equipment and storage medium. Background technique

[0002] Malicious software mainly includes destructive computer viruses, worms, Trojan horse backdoors, exploit programs, advertising phishing codes, etc. These malicious software can be combined with various evasion techniques and security holes to break through the monitoring of existing traditional defense systems and threaten users. interests are greatly destructed. The purpose of a malware detection system is to discover malware mixed with normal files in a timely manner, take measures autonomously as much as possible before it produces destructive effects, and notify users in a timely manner.

[0003] Currently, malware detection methods include static file analysis detection and dynamic behavior analysis detection. Existing malware static detection technologies mainly rely on artif...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More