Attack defense method, system and defense device for abnormal system call

An abnormal system and calling sequence technology, applied in computer security devices, instruments, computing and other directions, can solve the problems of the deep learning algorithm operation rate and classification accuracy rate being reduced, and cannot be installed, so as to improve the detection effectiveness and maintain the classification accuracy. degree, taking into account the effect of calculation speed

Active Publication Date: 2020-08-21
网御安全技术(深圳)有限公司
View PDF10 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Generally, in home computers, mobile phones, or even embedded systems or chips, due to the limitation of installation area and manufacturing cost, it is impossible to install such GPU hardware devices, but this will likely lead to a significant reduction in the calculation speed and classification accuracy of deep learning algorithms.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack defense method, system and defense device for abnormal system call
  • Attack defense method, system and defense device for abnormal system call
  • Attack defense method, system and defense device for abnormal system call

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] Specific embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0049] The specific implementations / examples described here are specific specific implementations of the present invention, and are used to illustrate the concept of the present invention. limit. In addition to the embodiments described here, those skilled in the art can also adopt other obvious technical solutions based on the claims of the application and the contents disclosed in the description, and these technical solutions include adopting any obvious changes made to the embodiments described here. The replacement and modified technical solutions are all within the protection scope of the present invention. It should also be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined with each other.

[0050] In the present invention, "system call" means that wh...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an attack defense method, an attack defense system and an attack defense device for abnormal system call, and the method comprises the steps: obtaining a system call sequencefrom an operating system when detecting that a program is executed, and returning the system call sequence to a server; performing feature encoding on the system call sequence through a second encoderto obtain a corresponding second feature vector set, the second encoder being constructed according to encoding parameters of a first encoder in a self-encoding and decoding module transmitted by theserver; and comparing the second feature vector in the feature space through a regression equation, and determining whether the system call sequence is a normal system call according to a comparisonresult, the regression equation being obtained and transmitted by performing regression equation operation on the first feature vector set by the server. By implementing the technical scheme of the invention, the detection effectiveness of unseen malicious software can be effectively improved, the operation resources can be effectively distributed, and the hardware cost is reduced.

Description

technical field [0001] The invention relates to the field of computer security, in particular to an attack defense method, system and defense device for abnormal system calls. Background technique [0002] In recent years, with the advent of the era of big data and artificial intelligence, many researches and products of various companies are based on neural networks (NN) and combined with high-power GPU equipment to classify various texts, pictures and videos. application. However, compared with the above applications, there are few related researches on the intrusion prevention of abnormal system calls caused by malware, and most of the researches cannot be effectively commercialized. There are two main reasons: [0003] 1. At present, all artificial intelligence self-learning algorithms must rely on a large amount of labeled training data. However, malware must have never appeared before large-scale proliferation, so most network security companies can obtain training da...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/562
Inventor 不公告发明人
Owner 网御安全技术(深圳)有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap