Malicious code shell identification and static unshelling method and system

A malicious code and code technology, applied in the field of Internet information security, can solve problems such as uncollected and undiscovered data, achieve efficient and convenient identification and analysis, improve accuracy, and realize the effect of system automation

Inactive Publication Date: 2019-08-16
SHANGHAI JIAO TONG UNIV

AI Technical Summary

Problems solved by technology

At present, no description or report of technology similar to the present invention has been found, and no similar material has been collected at home or abroad.



Embodiment Construction

[0038] The present invention will be described in detail below in conjunction with specific embodiments. The following examples will help those skilled in the art to further understand the present invention, but do not limit the present invention in any form. It should be noted that those skilled in the art can make several changes and improvements without departing from the concept of the present invention. These all belong to the protection scope of the present invention.

[0039] To address the above-mentioned deficiencies in the prior art, the present invention provides a malicious code shell code identification method and a static unpacking method. The method uses a relatively mature deep neural network to build a usable, efficient and accurate malicious code shell code identification and repair system. The system uses a malicious code shell code visualization algorithm to map the shell code into a grayscale image, and transforms the identification problem of t...



Abstract

The invention provides a malicious code shell recognition and static unshelling method and system. The method comprises the following steps: disassembling the file to be detected and using the resulting disassembly instruction information as the feature; graying the feature information according to its value to generate a grayscale image; training the deep learning model LeNet-5 on a sample set composed of grayscale images and label values to obtain a mature identification model; receiving the malicious code shell code to be judged as input and completing shell code identification; and unshelling the identified shelled code. A shell code visualization algorithm converts the packed-code recognition task into an image classification task. Combined with a deep learning judgment model, this yields a usable malicious code shell code recognition method, together with a static unshelling method for the corresponding packed code, giving a malicious shell code recognition method and an efficient unshelling method with higher judgment accuracy than existing systems.
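The visualization step in the abstract (feature values grayed into an image, then paired with a label value for the sample set) can be sketched as follows; this is an added example, not code from the patent or its authors. It assumes one byte of the instruction stream per pixel, a 32x32 image (the classic LeNet-5 input size, which the page does not state), zero padding for short streams, chunk averaging for long ones, and hypothetical label names.

```python
"""Instruction bytes -> fixed-size grayscale image + label (added example)."""

SIDE = 32  # assumption: classic LeNet-5 input size, not stated on the page
LABELS = ["none", "packer_a", "packer_b"]  # hypothetical class names


def bytes_to_gray(code: bytes, side: int = SIDE) -> list[list[int]]:
    """Use each byte value (0-255) as one pixel intensity, filled row by row.

    Short streams are zero-padded; long streams are reduced by averaging
    equal chunks, so the whole stub still contributes to the image.
    """
    if not code:
        raise ValueError("empty instruction stream")
    n = side * side
    if len(code) <= n:
        flat = list(code) + [0] * (n - len(code))
    else:
        flat = []
        for i in range(n):
            chunk = code[i * len(code) // n:(i + 1) * len(code) // n]
            flat.append(sum(chunk) // len(chunk))
    return [flat[r * side:(r + 1) * side] for r in range(side)]


def to_pgm(rows: list[list[int]]) -> bytes:
    """Serialize as binary PGM (P5) so the image can be inspected by eye."""
    header = f"P5\n{len(rows[0])} {len(rows)}\n255\n".encode("ascii")
    return header + bytes(p for row in rows for p in row)


def build_sample_set(labelled: list[tuple[bytes, str]]):
    """Pair each image (scaled to 0.0-1.0) with its integer label value."""
    out = []
    for code, name in labelled:
        img = [[p / 255 for p in row] for row in bytes_to_gray(code)]
        out.append((img, LABELS.index(name)))
    return out


# Constructed x86 bytes: pushad / mov esi,imm32 / lea edi,[esi+disp32] / push edi
SAMPLE = bytes.fromhex("60be001040008dbe00f0ffff57")

if __name__ == "__main__":
    rows = bytes_to_gray(SAMPLE)
    print(rows[0][:13])
    print(len(to_pgm(rows)), "bytes of PGM")
```

The `(image, label)` pairs from `build_sample_set` are the shape of input an image classifier such as LeNet-5 is trained on; the PGM output is only for visual inspection of what the network sees.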

Description

Technical field

[0001] The present invention relates to the technical field of Internet information security, in particular to a malicious code shell identification and static unpacking method and system.

Background technique

[0002] In today's society, computer networks are closely related to all aspects of human life. While the rapid development of computer technology brings convenience, it also brings many security risks. With the development of computer technology, a class of software code has appeared that is attached to an executable program to protect the original code in the program and modify the execution sequence of the executable program. Attackers take advantage of this to pack malicious code, using the shell code to evade many forms of detection and analysis and thereby avoid being scanned and removed by security software.

[0003] Facing this severe challenge, how to accurately identify the type of packed code and how to completely restore the data and code of the o...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56, G06N3/04, G06N3/08
CPC: G06F21/562, G06N3/08, G06N3/045
Inventor: 范晓宁, 朱信宇, 刘丹阳, 褚乾峰, 张学文, 刘功申
Owner: SHANGHAI JIAO TONG UNIV