Malicious PDF document detection system and method based on mimicry defense

A detection method and detection system, applied in the fields of instruments, electrical digital data processing and platform integrity maintenance, that addresses problems such as insufficient security, with the effect of preventing known and unknown risks and improving detection accuracy and detection efficiency.

Active Publication Date: 2020-12-04
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU

AI Technical Summary

Problems solved by technology

[0006] In recent years, in order to solve the serious security problems caused by the insufficient security of traditional defense methods, relevant researchers have proposed mimic defense technology.

Examples


Embodiment Construction

[0032] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments are a part of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work fall within the protection scope of the present invention.

[0033] Based on the principle of mimic defense, the invention designs a malicious PDF document detection system based on mimic defense. The core idea of mimic defense is to improve the system's ability to deal with unknown threats by introducing a dynamic heterogeneous redundant architecture. The abstract model of mimic defense system is as follows: ...


Abstract

The invention belongs to the technical field of information content security, and particularly relates to a malicious PDF (Portable Document Format) document detection system and method based on mimicry defense. The method comprises the steps of: simultaneously processing an input PDF document on a heterogeneous host system with multiple equivalent functions, tracking respectively the processing actions of the PDF reader and the influence of the PDF document on the host system; and outputting a document detection result according to a selection judgment. Once internal behaviors or external behaviors among the heterogeneous host systems are found to be inconsistent, the PDF document is considered malicious. By introducing mimicry defense technology into malicious PDF document detection, known and unknown risks faced by PDF documents can be effectively prevented, and the detection accuracy and the detection efficiency are improved.
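The consistency judgment described in the abstract, as an added example that is not the patent's own code: the report format, the event names and the normalization table are assumptions, and "inconsistent" is taken here to mean that the normalized behaviour sets differ between hosts.

```python
from dataclasses import dataclass

# Assumed mapping from platform-specific event names to abstract behaviour
# classes, so equivalent benign actions compare equal across hosts.
NORMALIZE = {
    "CreateProcessW": "proc_create", "execve": "proc_create",
    "WriteFile": "file_write", "write": "file_write",
    "WSAConnect": "net_connect", "connect": "net_connect",
    "js_eval": "js_exec", "render_page": "render", "parse_xref": "parse",
}

@dataclass(frozen=True)
class HostReport:
    host: str        # constructed label, e.g. "win/readerA"
    internal: tuple  # processing actions of the PDF reader
    external: tuple  # effects of the document on the host system

def normalize(events):
    """Map raw events to abstract classes; unknown events are kept as-is."""
    return frozenset(NORMALIZE.get(e, e) for e in events)

def arbitrate(reports):
    """Return (verdict, details); malicious if either view is inconsistent."""
    if len(reports) < 2:
        raise ValueError("need at least two heterogeneous hosts to compare")
    details = {}
    for view in ("internal", "external"):
        sets = {r.host: normalize(getattr(r, view)) for r in reports}
        common = frozenset.intersection(*sets.values())
        # Behaviours a host shows that are not shared by every host.
        extra = {h: sorted(s - common) for h, s in sets.items() if s - common}
        if extra:
            details[view] = extra
    return ("malicious" if details else "benign"), details

# Constructed sample reports: in SUSPECT, side effects appear on one host only.
BENIGN = [
    HostReport("win/readerA", ("parse_xref", "render_page"), ()),
    HostReport("linux/readerB", ("parse_xref", "render_page"), ()),
    HostReport("mac/readerC", ("parse_xref", "render_page"), ()),
]
SUSPECT = [
    HostReport("win/readerA", ("parse_xref", "js_eval"),
               ("CreateProcessW", "WSAConnect")),
    HostReport("linux/readerB", ("parse_xref", "js_eval"), ()),
    HostReport("mac/readerC", ("parse_xref", "js_eval"), ()),
]

if __name__ == "__main__":
    print(arbitrate(BENIGN), arbitrate(SUSPECT))
```

The `details` value names the host and the view (internal or external) where the divergence was seen, which is what an analyst would triage first.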

Description

Technical field

[0001] The invention belongs to the technical field of information content security, and in particular relates to a malicious PDF document detection system and method based on mimicry defense.

Background technique

[0002] As users learned about malicious email attachments and web links, cyber attackers turned to document-based malicious attacks. Browsers, email proxies, or antivirus products often warn users more about the dangers of executable files. However, documents like PDFs receive little attention and suspicion because they give the impression that they are static files that do little harm.

[0003] In recent years, however, the PDF specification has changed. New scripting capabilities enable documents to work in almost the same way as executables, including the ability to connect to the Internet, run processes, and interact with other files / programs. Growth in content complexity provides attackers with more holes to launch powerful attacks and mor...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F21/56
CPC: G06F21/566; Y02D10/00
Inventor 伊鹏胡涛陈祥韩伟涛张震王文博
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU