
Method and device for controlling infinite analysis of derivative file and storage medium

A technology for handling files to be analyzed, applied in the field of malicious code analysis, which can solve problems such as re-delivery and reduced analysis speed.

Pending Publication Date: 2020-10-20
NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT

AI Technical Summary

Problems solved by technology

The diversity of derivation methods brings many problems.
Because the system usually analyzes a large number of samples, without any restriction every derivative file is re-delivered for analysis, which produces an effect similar to an unpacking bomb.
Many derivative files are generated, and the overall analysis speed is greatly reduced.

Embodiment Construction

[0026] Embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0027] It should be clear that the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0028] When performing a system analysis performance test, a large number of samples need to be delivered to the system. If the number of derivation levels is not limited, these samples will generate new derivative files indefinitely, and these are in turn fed into the system for analysis without end. The large number of derivative files increases the system's analysis load and seriously affects system performance.

[0029] In the first aspect, the embodiments of the present invention provide a method for...


Abstract

The embodiment of the invention discloses a method and device for controlling infinite analysis of derivative files and a storage medium. It relates to the technical field of malicious code analysis and can limit the generation and analysis of derivative files by limiting the levels of the derivative files, so as to save system resources. The method comprises: obtaining an input to-be-analyzed file and adding a derivative level number to it; if the to-be-analyzed file generates a derivative file, adding 1 to the derivative level number of the parent file to serve as the derivative level number of the derivative file; and judging whether the derivative level number of the to-be-analyzed file is greater than a set threshold value of the analysis identifier, and if so, preventing the to-be-analyzed file from entering the analysis identifier.
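The level-counting rule in this abstract, sketched as an added Python example (not code from the patent). It assumes a submitted file starts at level 0 and that each analyzer has its own threshold; `fake_derive`, the analyzer names and the threshold values are hypothetical, and the sample is a constructed archive that yields two derivative files per layer.

```python
from collections import deque
from dataclasses import dataclass

@dataclass
class Task:
    name: str
    level: int  # derivative level number carried with the file

def fake_derive(name):
    """Hypothetical stand-in for unpacking or attachment extraction.
    Constructed sample: every file yields two children, six layers deep."""
    if name.count("/") >= 6:
        return []
    return [f"{name}/a", f"{name}/b"]

# Hypothetical per-analyzer thresholds (not values from the patent).
THRESHOLDS = {"static": 3, "sandbox": 1}

def run(sample, derive=fake_derive, thresholds=THRESHOLDS):
    """Analyze a sample and its derivatives, admitting a file to an
    analyzer only while its level does not exceed that analyzer's threshold."""
    queue = deque([Task(sample, 0)])  # submitted file: level 0 (assumption)
    analyzed = {a: [] for a in thresholds}
    blocked = {a: 0 for a in thresholds}
    while queue:
        task = queue.popleft()
        admitted = False
        for analyzer, limit in thresholds.items():
            if task.level > limit:
                blocked[analyzer] += 1  # kept out of this analyzer
            else:
                analyzed[analyzer].append(task.name)
                admitted = True
        if not admitted:
            continue  # never analyzed, so it cannot produce derivatives
        for child in derive(task.name):
            # derivative level number = parent's level number + 1
            queue.append(Task(child, task.level + 1))
    return analyzed, blocked

if __name__ == "__main__":
    done, kept_out = run("sample.zip")
    print({a: len(v) for a, v in done.items()}, kept_out)
```

Without a threshold the same constructed sample expands to 127 files; with the limits above the queue drains after the level-4 files are refused by every analyzer.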

Description

Technical field

[0001] The invention relates to the technical field of malicious code analysis, in particular to a method, device and storage medium for controlling unlimited analysis of derivative files.

Background

[0002] Currently, in malicious code analysis products, the detection method for files is to directly deliver samples, let each analysis component analyze the samples, and finally summarize and output the analysis results. However, when we cannot get clear analysis results from the existing analysis reports, we often need other methods to assist the analysis. Usually, we will pay attention to whether there are derivative files in the sample. If so, we can further obtain more accurate and rich information by analyzing the derivative files. There are many ways to generate derivative files, such as unpacking through an anti-virus engine, extracting attachments from email format files, releasing or downloading by running a virtual machine, a...


Application Information

IPC(8): G06F21/56
CPC: G06F21/562, Y02D10/00
Inventor: 韩志辉吕志泉梅瑞严寒冰丁丽李佳沈元张帅李志辉张腾陈阳王适文马莉雅高川周昊周彧
Owner: NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT