File risk detection method and device

A risk detection and file technology, applied in the field of communication, can solve problems such as missed detection, low detection accuracy, and inability to effectively guarantee the security of website servers, so as to avoid missed detection, improve detection accuracy, and improve real-time performance Effect

Active Publication Date: 2019-09-06
TENCENT TECH (SHENZHEN) CO LTD
View PDF4 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004]A major problem in the existing technology is that it is necessary to perform feature matching on the static features of the text. When the corresponding features are hit, it will enter the background detection and analysis process. When the intruder Deliberately bypassing detection, using deformed or more concealed control functions, so that malicious web files do not have corresponding detection features, the system will not perceive the existence of this file on the target machine, there is a risk of missing detection, and the detection accuracy is low. Unable to effectively guarantee the security of the website server

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • File risk detection method and device
  • File risk detection method and device
  • File risk detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0069] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative efforts fall within the protection scope of the present invention.

[0070] Embodiments of the present invention provide a file risk detection method and device.

[0071] see figure 1 , figure 1 It is a schematic diagram of the scene of the file risk detection system provided by the embodiment of the present invention. The file risk detection system may include a file risk detection device, and the file risk detection device may be integrated in a server. The server may be a website server, such as figure 1 In the website server, the terminal...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a file risk detection method and device, and the method comprises the steps: obtaining a webpage file when detecting that the webpage file is abnormal; performing file label analysis on the webpage file to obtain multi-dimensional file feature data of the webpage file; performing global information integration on the multi-dimensional file feature data ofthe webpage file according to pre-acquired whole network file feature statistical information to obtain multi-dimensional file risk information; and when the multi-dimensional file risk information reaches a preset requirement, determining that the webpage file is a malicious webpage file. According to the embodiment of the invention, the malicious degree of the file can be analyzed without depending on the file content, whether the webpage file is malicious or not is effectively confirmed, the missed detection condition of the webpage file is avoided, the detection accuracy is improved, and meanwhile, better real-time performance is achieved.

Description

technical field [0001] The invention relates to the field of communication technology, in particular to a file risk detection method and device. Background technique [0002] Webshell refers to dynamic server pages (Active Server Pages, ASP), hypertext preprocessor (Hypertext Preprocessor, PHP), java server pages (Java Server Pages, JSP) or common gateway interface (Common Gateway Interface, CGI), etc. A command execution environment in the form of a web page file, which can also be called a web page backdoor. After an intruder invades a website, they usually mix backdoor files such as ASP or PHP with normal webpage files in the directory of the website server, and then use a browser to access backdoor files such as ASP or PHP to get a command to execute Environment, through the Webshell to obtain a certain degree of operating authority to the website server, so as to achieve the purpose of controlling the website server. [0003] In the prior art, the detection of Webshel...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/57
CPCG06F21/565G06F21/577G06F2221/034
Inventor 李俊波杜海章朱海星刘宁
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap