Method and device for identifying computer threats and storage medium

A computer and technology to be identified, applied in computer security devices, computing, instruments, etc., can solve the problems of large data delivery and reduced server performance, and achieve the effects of low system overhead, reduced business processing, and improved efficiency.
CN110674499AInactive Publication Date: 2020-01-10成都网思科平科技有限公司
6 Cites 1 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
成都网思科平科技有限公司
Publication Date
2020-01-10
Estimated Expiration
Not applicable · inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The embodiment of the invention discloses a method and device for identifying computer threats and a storage medium, and the method comprises the steps: carrying out the operation of a new portable executable file intercepted by a filtering drive program through employing a password hash algorithm, and obtaining a first hash value of the new file; and matching the first hash value with a pre-stored second hash value corresponding to a blacklist, if matching succeeds, judging that the portable executable file corresponding to the second hash value is a threat file, and intercepting the portableexecutable file. According to the method for identifying computer threats, which is provided by the embodiment of the invention, matching judgment is performed on portable executable files intercepted by a filter driver according to a black list, a white list and a known file list respectively, and whether the files need to be intercepted or not is further judged. On the basis of overcoming traditional full-data-volume delivery analysis matching, different strategies are detected for unknown files, and the recognition efficiency is improved.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] Embodiments of the present invention relate to the technical field of computer security, and in particular to a method, device and storage medium for identifying computer threats. Background technique

[0002] Information systems have gradually integrated into people's daily life and work on a global scale, and the field of information security has likewise become increasingly important in today's society. Such massive convergence also presents many opportunities for malicious actors to exploit these systems. If malware can infect a host computer, it can perform any number of malicious actions, such as sending spam or malicious email from the host computer, stealing sensitive information from businesses or individuals associated with the host computer, spreading and / or help with distributed denial of service attacks. Furthermore, for some types of malware, malicious operators can sell or otherwise give access to other malicious operators, thereby ex...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More