Intelligent malicious code fragment evidence obtaining method and system

A technology of malicious code and code fragments, applied in the field of digital forensics, which can solve the problems of complex forensics analysis, differences in evidence analysis of criminal events, and reduction in the number of closed cases.

Active Publication Date: 2020-11-03
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU +1

AI Technical Summary

Benefits of technology

This technology helps detect harmful software that has been installed on computer systems or other devices without being detected beforehand. It uses advanced techniques like machine learning algorithms to learn from large amounts of stored data about known threat patterns found during an attack. By analyzing these patterns with this algorithm, it becomes possible to predict future attacks based solely upon past behavioral changes made against them.

Problems solved by technology

This patented technical solution describes an algorithm called Deep Learning Thesis used by FBI's National Center for Criminative Analytical Technologies (NCCIT), where they analyze electronic documents containing suspicious codes over time with advanced techniques like image processing or machine learning algorithms. These results help identify potential threats during investigations on terrorist attacks.

Embodiment Construction

[0032] In order to make the purpose, technical solution and advantages of the present invention more clear and understandable, the present invention will be further described in detail below in conjunction with the accompanying drawings and technical solutions.

[0033] Research on automatic forensics technology has achieved preliminary results. Some scholars have discussed the necessity and importance of highly automated digital forensics and analyzed the advantages of automated forensics. In addition, to improve the automation of forensic analysis, button-type automatic forensic functions have been added to classic full-featured forensic tool suites such as EnCase, Forensic Toolkit and Autopsy Forensic Browser, which allow forensic investigators to carry out preliminary and even some complex investigative analysis tasks at the click of a button. These popular tools strive to make the job of forensic investigators easier and improve t...


Abstract

The invention belongs to the technical field of digital forensics and particularly relates to an intelligent forensics method and system for malicious code fragments. The method comprises the following steps: constructing a code fragment training set and a code fragment test set, for training and testing, by extracting the underlying data features of a storage medium; training the configured fully connected neural network model on the data in the code fragment training set, where the input is a feature vector and the output is a normal or malicious prediction result; running the trained fully connected neural network model on the code fragment test set to judge whether each model input is a malicious code fragment; and performing feature extraction on the target code fragments and feeding them to the fully connected neural network model produced by training and testing, to obtain an intelligent malicious code recognition result for the target code fragments. According to the method, malicious code fragments in storage media such as computers, mobile phones and tablets, and in evidence containers such as RAW, E01 and AFF, can be recognized, and the method has good application prospects in digital evidence collection, such as automatic analysis of the underlying data of criminal event evidence.
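The pipeline in the abstract (fragment features, fully connected network, normal/malicious output) can be sketched as follows; this is an added example, not code from the patent. The three features, the 512-byte fragment size, the network dimensions and the training fragments (text-like bytes as "normal", random bytes as a stand-in for "malicious") are all assumptions made for illustration.

```python
import math, random
FRAG = 512  # assumed fragment size: one 512-byte sector of a RAW image

def features(frag):
    """Assumed feature vector: [entropy / 8, printable fraction, zero-byte fraction]."""
    n = len(frag)
    counts = [frag.count(b) for b in range(256)]
    ent = -sum(c / n * math.log2(c / n) for c in counts if c)
    return [ent / 8.0, sum(counts[32:127]) / n, counts[0] / n]

class FCNet:  # fully connected: 3 inputs -> 4 tanh units -> 1 sigmoid output
    def __init__(self, n_in=3, n_hid=4, seed=1):
        r = random.Random(seed)
        self.w1 = [[r.uniform(-0.5, 0.5) for _ in range(n_in)] for _ in range(n_hid)]
        self.w2 = [r.uniform(-0.5, 0.5) for _ in range(n_hid)]
        self.b1, self.b2 = [0.0] * n_hid, 0.0

    def forward(self, x):
        h = [math.tanh(sum(w * v for w, v in zip(row, x)) + b)
             for row, b in zip(self.w1, self.b1)]
        z = sum(w * v for w, v in zip(self.w2, h)) + self.b2
        return h, 1.0 / (1.0 + math.exp(-z))

    def train(self, data, epochs=200, lr=0.2):
        for _ in range(epochs):
            for x, t in data:  # plain SGD, one fragment at a time
                h, y = self.forward(x)
                dz = y - t  # cross-entropy gradient at the output pre-activation
                for j, hj in enumerate(h):
                    dh = dz * self.w2[j] * (1 - hj * hj)  # back through tanh
                    self.w2[j] -= lr * dz * hj
                    self.b1[j] -= lr * dh
                    for i, xi in enumerate(x):
                        self.w1[j][i] -= lr * dh * xi
                self.b2 -= lr * dz
        return self

    def is_malicious(self, frag):
        return self.forward(features(frag))[1] > 0.5

def constructed_fragment(label, rng):
    """Constructed stand-ins, not real samples: 0 = text-like, 1 = random bytes."""
    if label:
        return bytes(rng.randrange(256) for _ in range(FRAG))
    words = ["log", "user", "file", "open", "read", "close", "ok", "path"]
    return " ".join(rng.choice(words) for _ in range(FRAG)).encode()[:FRAG]

def build_model(seed=7):
    rng = random.Random(seed)
    data = [(features(constructed_fragment(i % 2, rng)), i % 2) for i in range(40)]
    return FCNet().train(data)
```

In a real workflow the training set would be labelled fragments carved from evidence images, and the held-out test set would be scored before the model is applied to target fragments.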


Application Information

Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU