Malicious software detection method

A malware detection method, applied in the fields of computer components, instruments, platform integrity maintenance, etc. It addresses the lack of effective detection and killing of new malware, achieves efficient and rapid judgment, ensures safety, and improves detection efficiency.

Inactive Publication Date: 2019-12-06
NANJING CHENXIAO SOFTWARE TECH CO LTD

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide a method for detecting malicious software, in order to solve the problem that existing software detection and killing methods lack effective detection and killing of the new malicious software that constantly appears.

Examples

Embodiment 1

[0034] Example 1: Referring to Figures 1~4, a malware detection method comprises the following steps:

[0035] S1: Statically detect the target code of the target software: decompile the target software in the isolation sandbox to obtain the target code, then analyze the target code to determine whether it contains malicious code;

[0036] S2: Run the target software in the isolation sandbox: copy and create a local system in the isolation sandbox, then use the system in the sandbox to run the target software;

[0037] S3: Record the enablement of the target software: while the target software is running, record the enablement of the corresponding pre-selected multiple specific underlying functions and the system APIs called by the target software, and generate a sample vector to be identified;

[0038] S4: Create a malware recognition model; using the pre-created malware recognition model and a machine learning algorithm, classify the sample vectors to be re...
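Steps S3 and S4 as an added example, not code from the patent: a sandbox trace is turned into a fixed-length sample vector (enablement flags for the pre-selected underlying functions, log-scaled API call counts, and a bucket for APIs outside the vocabulary), which is then classified. Assumptions: the function and API lists, the trace format, and the nearest-centroid model are all chosen here, since the page names none of them and its description of S4 is cut off.

```python
import math
from collections import Counter

# Assumed feature set: the page does not list the pre-selected functions or APIs.
UNDERLYING_FUNCS = ["process_inject", "registry_autorun", "raw_disk_write", "hook_install"]
API_VOCAB = ["CreateFileW", "WriteFile", "RegSetValueExW", "CreateRemoteThread",
             "VirtualAllocEx", "InternetOpenW", "CryptEncrypt"]

def sample_vector(trace):
    """S3: enablement flags + log-scaled API call counts + out-of-vocabulary bucket."""
    flags = [1.0 if f in trace["enabled"] else 0.0 for f in UNDERLYING_FUNCS]
    counts = Counter(trace["api_calls"])
    freqs = [math.log1p(counts[a]) for a in API_VOCAB]
    # APIs the vocabulary does not know are counted together, not silently dropped.
    other = sum(n for a, n in counts.items() if a not in API_VOCAB)
    return flags + freqs + [math.log1p(other)]

def train_centroids(labelled):
    """S4 stand-in (assumed model): nearest-centroid, one mean vector per label."""
    sums, seen = {}, Counter()
    for trace, label in labelled:
        vec = sample_vector(trace)
        acc = sums.setdefault(label, [0.0] * len(vec))
        for i, x in enumerate(vec):
            acc[i] += x
        seen[label] += 1
    return {label: [x / seen[label] for x in acc] for label, acc in sums.items()}

def classify(model, trace):
    """Return the label whose centroid is closest to the trace's sample vector."""
    vec = sample_vector(trace)
    return min(model, key=lambda label: math.dist(vec, model[label]))

# Constructed sandbox traces (not real samples); "NtUnknownCall" is a made-up name.
TRAINING = [
    ({"enabled": set(), "api_calls": ["CreateFileW", "WriteFile", "WriteFile", "RegSetValueExW"]}, "benign"),
    ({"enabled": set(), "api_calls": ["CreateFileW", "InternetOpenW", "WriteFile"]}, "benign"),
    ({"enabled": {"process_inject", "registry_autorun"},
      "api_calls": ["VirtualAllocEx", "CreateRemoteThread", "RegSetValueExW", "InternetOpenW"]}, "malicious"),
    ({"enabled": {"process_inject", "hook_install"},
      "api_calls": ["VirtualAllocEx", "VirtualAllocEx", "CreateRemoteThread", "WriteFile"]}, "malicious"),
]
UNKNOWN = {"enabled": {"process_inject"},
           "api_calls": ["VirtualAllocEx", "CreateRemoteThread", "NtUnknownCall", "WriteFile"]}

MODEL = train_centroids(TRAINING)
if __name__ == "__main__":
    print(classify(MODEL, UNKNOWN))
```

A production model would be trained on a large labelled corpus; the four traces here only make the vector layout and the classification step concrete.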

Embodiment 2

[0049] Embodiment 2: This embodiment adds the following technical features on the basis of Embodiment 1:


Abstract

The invention discloses a malicious software detection method which comprises the following steps: statically detecting a target code of target software, decompiling the target software in an isolation sandbox to obtain the target code, analyzing the target code, and judging whether malicious code exists or not; running the target software in the isolation sandbox, copying and creating a local system in the isolation sandbox, and running the target software by using the system in the sandbox; and recording a starting condition of the target software, recording starting conditions of a plurality of pre-selected specific underlying functions corresponding to the target software in the running process, and recording the system APIs called by the target software. In the present invention, the operation and analysis of the target software are carried out in the isolation sandbox. The isolation sandbox is a closed program operation space which is isolated from the existing system and is independently created. When an uncertain program is run, the current program can be well protected against damage from Trojan viruses implanted when the target software is opened, and the safety of the system is guaranteed.

Description

Technical field

[0001] The invention belongs to the technical field of malicious software detection, in particular to a method for detecting malicious software.

Background technique

[0002] With the continuous development of information technology, more and more software is applied to various electronic devices, and various software content providers are becoming more and more complicated. Correspondingly, the requirements for software security are also getting higher and higher. In the field of software security technology, it is often necessary to detect and identify unknown software to determine whether the software is malicious software. Malware refers to programs such as viruses, worms, and Trojan horses that perform malicious tasks on a computer system. Malicious software can steal user information, affect users' experience in using electronic devices, and even seriously threaten the safety of users' property.

[0003] Although a large number of scanning and killing...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56, G06F21/53, G06K9/62
CPC: G06F21/563, G06F21/566, G06F21/53, G06F18/24
Inventor: 谢川, 何太炎, 王民峰
Owner: NANJING CHENXIAO SOFTWARE TECH CO LTD