Method for determining malicious software characteristics and malicious software detection method and device

A malware and detection method technology, applied in the field of network security, can solve the problems of wasting man-hours and resources, cannot add features, and has no automatic extraction of malware features, etc., to achieve the effect of improving detection efficiency and improving work efficiency

Active Publication Date: 2020-10-02
BEIJING VENUS INFORMATION SECURITY TECH +1
View PDF10 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Under normal circumstances, a middle-level and senior analyst can analyze a virus every two days, but after the analysis, it may be impossible to add features to the product due to reasons such as the product engine does not support it or the protocol is encrypted, which wastes man-hours and resources.
[0004] Therefore, there is still no scheme that can automatically extract malware features in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for determining malicious software characteristics and malicious software detection method and device
  • Method for determining malicious software characteristics and malicious software detection method and device
  • Method for determining malicious software characteristics and malicious software detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] The application describes a number of embodiments, but the description is illustrative rather than restrictive, and it will be obvious to those of ordinary skill in the art that within the scope of the embodiments described in the application, There are many more embodiments and implementations. Although many possible combinations of features are shown in the drawings and discussed in the detailed description, many other combinations of the disclosed features are possible. Except where expressly limited, any feature or element of any embodiment may be used in combination with, or substituted for, any other feature or element of any other embodiment.

[0039] This application includes and contemplates combinations of features and elements known to those of ordinary skill in the art. The disclosed embodiments, features and elements of this application can also be combined with any conventional features or elements to form unique inventive solutions as defined by the clai...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a method for determining malicious software characteristics and a malicious software detection method and device. One of the methods comprises the following steps: determining a longest common substring in each character string binary group in one or more character string binary groups according to a longest common substring algorithm, and determining thecharacteristics of the malicious software according to the determined one or more longest common substrings. Therefore, the features of the malicious software can be automatically extracted, and the working efficiency is greatly improved.

Description

technical field [0001] Embodiments of the present invention relate to network security technologies, and in particular, to a method for determining characteristics of malicious software, a method and a device for detecting malicious software. Background technique [0002] In recent years, malware has intensified, and business risks have increased. Among them, zombie and worm malware have the characteristics of high concealment, fast outbreak speed, and wide-ranging influence, causing great harm to society. Zombie worm is a general term for botnets, Trojan horses, and worm viruses. Hackers often use botnets to launch DDOS (Distributed Denial of Service) attacks, use worms to spread botnets, and use various Trojan horse backdoors to specific targets or The organization launches an APT (Advanced Persistent Threat, Advanced Persistent Threat) attack. In a real attack, because various terminal software is easy to obtain, and secondly, based on the cost of avoiding killing, atta...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06K9/62G06F16/951G06F16/903
CPCG06F21/566G06F16/951G06F16/90344G06F18/22
Inventor 刘洋卞超轶董颖陈亘李永泉李杰
Owner BEIJING VENUS INFORMATION SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap