Illegal code recognition method, system, device and storage medium

An illegal code and identification method technology, applied in the field of systems, devices and storage media, and illegal code identification methods, can solve the problems of not being able to find unknown malicious code memory implantation and operation, and not being able to identify illegal codes, etc., to achieve strong protection, The effect of precise memory protection

Active Publication Date: 2019-12-24
北京卓识网安技术股份有限公司
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the current defense method is only to scan and kill known viruses or attack codes, and cannot identif

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Illegal code recognition method, system, device and storage medium
  • Illegal code recognition method, system, device and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] The principles and features of the present invention will be described below in conjunction with the accompanying drawings, and the examples given are only used to explain the present invention, and are not intended to limit the scope of the present invention.

[0025] At present, the main ways to prevent illegal codes include static scanning of disk files, process-based memory static scanning, patching, and firewall-based security policy protection. These security protection strategies are all implemented based on the known illegal code. For example, static scanning of disk files is the full-disk and directory scanning of common antivirus software. Process-based memory static scanning is common antivirus software scanning the memory of user processes and operating system processes. Firewall-based security policy protection is to protect some Protocols and ports are blocked.

[0026] That is to say, these network security protection measures can work only on the premis...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an illegal code recognition method, a system, a device and a storage medium, and relates to the field of computers. The method comprises the steps of acquiring codes and recording the execution characteristics of codes; writing the code into an executable memory, and recording writing operation data; before the code is executed, judging whether the static consistency or dynamic continuity of the code is legal or not according to the execution characteristics and the write-in operation data. According to the method, unknown codes are recognized, more accurate memory protection is achieved, patch release does not need to be waited for, blocking protection can be achieved before code execution, and the protection performance is higher.

Description

technical field [0001] The invention relates to the computer field, in particular to an illegal code identification method, system, device and storage medium. Background technique [0002] At present, the main ways to prevent illegal codes include static scanning of disk files, process-based memory static scanning, patching, and firewall-based security policy protection. However, the current prevention method is only to scan and kill known viruses or attack codes, and cannot identify unknown illegal codes, and cannot discover the memory implantation and operation of unknown malicious codes. Contents of the invention [0003] The technical problem to be solved by the present invention is to provide an illegal code identification method, system, device and storage medium for the deficiencies of the prior art. [0004] The technical scheme that the present invention solves the problems of the technologies described above is as follows: [0005] A method for identifying ille...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
CPCG06F21/562G06F21/566G06F2221/033
Inventor 张文超
Owner 北京卓识网安技术股份有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap