Trojan file tracing method, system and equipment

Trojan horse file technology, applied in the field of platform integrity maintenance, addresses problems such as the inability to effectively identify features, simple detection methods, and backward traceability methods. Its effect is to improve speed and efficiency, expand the analysis dimensions, and provide accurate judgment and traceability capabilities.

Active Publication Date: 2019-05-21
北京中睿天下信息技术有限公司

AI Technical Summary

Problems solved by technology

[0009] The purpose of the embodiments of the present invention is to provide a Trojan file traceability method, system and equipment, to solve the problem that existing Trojan file traceability technology, owing to a single detection source, simple detection means, backward traceability methods and isolated use of data, cannot effectively identify Trojan horse files that have undergone feature obfuscation, packer-based avoidance, and protection-evasion processing.


Examples


Embodiment

[0034] Referring to figure 1, a Trojan file traceability device proposed in an embodiment of the present invention includes: a Trojan file gene feature extraction terminal 1, a cloud threat intelligence center server 2, a multi-source information library 3, and a cloud hacker fingerprint archive library 4. The cloud threat intelligence center server 2 is connected to the Trojan file gene feature extraction terminal 1 and to the cloud hacker fingerprint archive library 4 through wired or wireless network communication. The cloud threat intelligence center server 2 is either connected to the multi-source information library 3 through wired or wireless network communication, or has the multi-source information library 3 embedded in it.

[0035] Trojan horse file gene feature extraction terminal 1 stores computer program instructions, a kind of Trojan horse file traceability system applied to Trojan horse file gene feature extraction...


Abstract

The invention discloses a Trojan horse file tracing method, system and equipment. The gene features of Trojan files are characterized from multiple angles, in multiple forms and at multiple levels through three-factor model analysis, which provides more comprehensive and more accurate Trojan fingerprint data for Trojan file tracing, improves the capability to analyze and recognize Trojan files, and provides more complete data resources for Trojan file tracing. The cloud server is linked with the cloud hacker fingerprint archive library, so that Trojan files can be associated and traced in combination with the behavior habits of hacker organizations; this expands the analysis dimension of Trojan files, so that Trojan files that are more deeply hidden and more skillfully designed can be identified and traced. In addition, a Trojan file tracing method based on comprehensive evaluation of multi-source data is adopted, so that fusion, association and application of multi-source data are truly achieved, high-level and complex Trojan samples can be recognized, and the method has more accurate judgment and tracing capacity.

Description

Technical field

[0001] The present invention relates to the technical field of traceability of Trojan horse files, in particular to a method, system and equipment for traceability of Trojan horse files.

Background technique

[0002] There are currently two mainstream technical methods for traceability of Trojan files, one is the feature matching analysis method, and the other is the sandbox detection and analysis method. The feature matching analysis method generally describes the characteristics of the Trojan horse through key information items such as the Hash value of the file, the online domain name of the Trojan horse, and the link address, and uses it as a key indicator to identify and trace the source of the Trojan horse file. The sandbox detection and analysis method uses Sandboxie (sandbox, network programming virtual execution environment) to create an execution environment that restricts program behavior according to security policies. When the file is running in ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56
Inventor: 刘庆林魏海宇刘海洋吴小勇白应东熊文砚谢辉
Owner: 北京中睿天下信息技术有限公司