Malicious file detection method, system and device and readable storage medium

A malicious file detection and storage medium technology, applied in the fields of instruments, electronic digital data processing, and platform integrity maintenance, with the effect of improving timeliness.

Inactive Publication Date: 2020-10-02
HANGZHOU ANHENG INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

[0003] At present, there are roughly two methods of malicious file detection: one is a static detection method based on a virus signature database, and the other is a detection method that uses a sandbox to run a file and analyze the dynamic behavior of the file during operation. However, neither method can immediately defend against unknown and emerging malicious files, resulting in a high rate of false positives in malicious file detection.



Embodiment Construction

[0039] The core of the present application is to provide a malicious file detection method, system, device and readable storage medium for reducing the false negative rate of malicious file detection.

[0040] In order to make the purposes, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments are only a part of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0041] Please refer to Figure 1, which is a flow chart of a method for detecting malicious files provided in the embodiment of the present ap...


Abstract

The invention discloses a malicious file detection method. The method comprises the steps of: matching static parameters with a local threat information library and judging whether the to-be-detected file is a malicious file; if not, running the to-be-detected file in a sandbox and obtaining the dynamic parameters generated while it runs; and matching the dynamic parameters with a local threat information library and judging, according to the obtained second matching result, whether the to-be-detected file is a malicious file. Because the to-be-detected file runs in the sandbox, it is marked as a malicious file as soon as it generates suspicious dynamic parameters while running. This solves the prior-art problem that unknown and newly emerging malicious files cannot be defended against immediately, reduces the missed-detection rate of malicious file detection, and improves the timeliness of network defense. The invention furthermore provides a malicious file detection system and device, and a readable storage medium, which have the above beneficial effects.
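The two-stage flow in the abstract, as an added example that is not code from the patent or its owner: static parameters are matched first, and the sandbox stage runs only when that match finds nothing. The parameter types (hash, domain, IP), every indicator value, and the `fake_sandbox` stand-in are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass
from typing import Callable, Iterable

# Constructed local threat information library (indicator -> label).
# All values are made up: reserved .example names and TEST-NET addresses.
LOCAL_THREAT_INTEL = {
    "sha256:" + hashlib.sha256(b"known-bad-sample").hexdigest(): "known malware hash",
    "domain:c2.bad.example": "command-and-control domain",
    "ip:203.0.113.7": "malicious IP",
}

@dataclass
class Verdict:
    malicious: bool
    stage: str   # "static", "dynamic" or "none"
    hits: list   # normalized indicators that matched

def match(params: Iterable[str]) -> list:
    """Normalize case, then return the parameters found in the library."""
    return sorted({p.lower() for p in params if p.lower() in LOCAL_THREAT_INTEL})

def static_parameters(data: bytes) -> list:
    """Parameters obtained without running the file (assumed here: its hash)."""
    return ["sha256:" + hashlib.sha256(data).hexdigest()]

def detect(data: bytes, run_in_sandbox: Callable[[bytes], list]) -> Verdict:
    # Stage 1: first matching result, from static parameters.
    hits = match(static_parameters(data))
    if hits:
        return Verdict(True, "static", hits)
    # Stage 2: reached only when stage 1 found nothing. Run the file and
    # match what it did; any single hit marks the file malicious.
    hits = match(run_in_sandbox(data))
    if hits:
        return Verdict(True, "dynamic", hits)
    return Verdict(False, "none", [])

def fake_sandbox(data: bytes) -> list:
    """Stand-in for a real sandbox: constructed behavior keyed on content."""
    if b"beacon" in data:
        return ["domain:C2.bad.example", "ip:198.51.100.20"]
    return ["domain:updates.vendor.example"]

if __name__ == "__main__":
    for sample in (b"known-bad-sample", b"new dropper with beacon", b"benign installer"):
        print(sample, detect(sample, fake_sandbox))
```

A file whose hash is unknown is still flagged when its sandbox run touches a listed indicator, which is the gap in signature-only detection that the abstract targets.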

Description

Technical field

[0001] The present application relates to the field of malicious file detection, in particular to a method, system, device and readable storage medium for malicious file detection.

Background

[0002] With the continuous growth of new threats and attacks such as targeted threat attacks, malicious mining, and ransomware viruses, network threats are rapidly evolving, and the diversification of attack methods and attack channels places higher demands on the analysis and processing capabilities of network security personnel. In the process of preventing external attacks, enterprises and organizations increasingly need to rely on sufficient, efficient, and accurate security threat intelligence as a support to help them better discover and respond to these new threats.

[0003] At present, there are roughly two methods of malicious file detection: one is a static detection method based on a virus signature database, and the other ...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F21/56, G06F21/53
CPC: G06F21/562, G06F21/566, G06F21/53
Inventor: 程华才, 范渊
Owner: HANGZHOU ANHENG INFORMATION TECH CO LTD