A sample sandbox analysis method and device

A sample analysis method and device, applied in the field of malicious sample detection, that addresses the inability to detect and analyze suspicious samples at large scale, the large performance loss, and the high equipment requirements.

Inactive Publication Date: 2019-03-08
广东一知安全科技有限公司

AI Technical Summary

Problems solved by technology

[0004] However, because of the CPU, memory, and hard disk requirements of the virtual machine system itself, this approach places high demands on equipment and incurs a high performance loss. Usually, only 10 to 40 virtual machine systems can be deployed on one device. It therefore cannot cope with large-scale detection and analysis of suspicious samples, resulting in low efficiency and performance of sample sandbox analysis.


Embodiment Construction

[0039] Embodiments of the present invention provide a sample sandbox analysis method and device, which implement suspicious sample detection through containers in a sandbox container group, and realize a malicious sample sandbox detection function under large concurrency.

[0040] In order to make the purpose, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention are described clearly and completely below in conjunction with the accompanying drawings. Obviously, the embodiments described below are only some, not all, of the embodiments of the present invention. All other embodiments obtained by persons of ordinary skill in the art on the basis of these embodiments, without creative effort, fall within the protection scope of the present invention.

[0041] See Figure 1, an embodiment of a sample sandbox analysis...


Abstract

The invention provides a sample sandbox analysis method and device. The method comprises: obtaining suspicious samples and sending them to available containers in a sandbox container group through a submission interface; calling the available container to complete execution of the suspicious sample; and judging whether the suspicious sample is a malicious sample according to the behavior information of the suspicious sample in the available container. According to the invention, the containers in the sandbox container group replace a traditional virtual machine to complete sandbox analysis of suspicious samples. Because the resources occupied by the containers are small, hundreds to thousands of containers can be deployed in the sandbox container group, so that the detection and analysis of large-scale malicious samples can be completed while keeping the resource occupancy rate low.

Description

Technical field

[0001] The invention relates to the field of malicious sample detection, in particular to a sample sandbox analysis method and device.

Background technique

[0002] In recent years, as network security issues have become increasingly prominent, sandbox technology has been increasingly applied to malicious sample detection. Submitting suspicious samples to a sandbox for dynamic simulated execution not only prevents unknown malicious behaviors from damaging the real system, but also captures and analyzes the behavior information of the suspicious samples, thus providing a new solution for the detection of malicious samples.

[0003] The current sandbox detection of malicious samples usually uses virtual machine technology, that is, a device is deployed as multiple virtual machine systems, and suspicious samples are input into the virtual machine systems for behavior analysis to determine whether suspicious samples are malicious samp...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/53
CPC: G06F21/53
Inventor: 李俊
Owner: 广东一知安全科技有限公司