
Sample file detection method and device, terminal equipment and storage medium

A sample file detection technology, applied in the fields of computer security devices, instruments, computing, etc., that addresses the difficulty of determining the virus type and family attributes of malicious code.

Pending Publication Date: 2021-03-26
苏州三六零智能安全科技有限公司

AI Technical Summary

Problems solved by technology

[0005] The main purpose of the present invention is to provide a sample file detection method, device, terminal equipment and storage medium, aiming to solve the technical problem in the prior art that it is difficult to determine the virus type and family attribute of the malicious code in the sample file.


Embodiment Construction

[0076] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only part of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0077] Refer to Figure 1, which is a schematic structural diagram of a terminal device in the hardware operating environment involved in the solution of the embodiment of the present invention.

[0078] Terminal devices can be mobile phones, smart phones, notebook computers, digital broadcast receivers, personal digital assistants (PDAs), tablet computers (PADs) and other user equipment (User Equipment, UE), handheld devices, vehicle-mounted d...


Abstract

The invention discloses a sample file detection method comprising the following steps: obtaining the running state information of a sample file in a dynamic analysis sandbox when the sample file runs in the dynamic analysis sandbox; generating a memory dump file according to the running state information; performing text matching on the memory dump file to obtain a matching result; and obtaining a detection result of the sample file according to the matching result. The invention further discloses a sample file detection device, terminal equipment and a storage medium. Because the matching result is obtained by performing text matching on the memory dump file, and the detection result of the sample file corresponding to the memory dump file is obtained according to the matching result, the detection result of the sample file is not obtained according to the real behavior of the sample file operation, and the virus type and family attribute of the malicious code in the sample file can be accurately determined.
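The text-matching step described in the abstract, sketched as an added example (not code from the patent or its applicant). The rule names, patterns, hit thresholds and the sample dump bytes are all constructed for illustration; a real deployment would load family signatures from its own rule base.

```python
import re
from collections import namedtuple

# Hypothetical family rules (constructed): a family is reported only when at
# least `min_hits` of its text patterns occur in the memory dump.
Rule = namedtuple("Rule", "family virus_type patterns min_hits")
RULES = [
    Rule("ExampleLocker", "ransomware",
         [rb"YOUR FILES ARE ENCRYPTED", rb"\.examplelock\b",
          rb"vssadmin delete shadows"], 2),
    Rule("ExampleRAT", "remote-access trojan",
         [rb"EXRAT_MUTEX_[0-9A-F]{8}", rb"cmd=(?:shell|upload|screenshot)"], 2),
]
MIN_LEN = 6  # ignore printable runs shorter than this

def extract_strings(dump: bytes):
    """Return printable runs from the dump, both ASCII and UTF-16LE encoded."""
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
    wide_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)
    found = [m.group() for m in ascii_re.finditer(dump)]
    # Normalise wide strings to ASCII so one pattern set covers both encodings.
    found += [m.group().decode("utf-16le").encode("ascii")
              for m in wide_re.finditer(dump)]
    return found

def classify(dump: bytes):
    """Map the text-matching result to a detection result (type and family)."""
    strings = extract_strings(dump)
    best = None
    for rule in RULES:
        hits = [p for p in rule.patterns
                if any(re.search(p, s, re.IGNORECASE) for s in strings)]
        if len(hits) >= rule.min_hits and (best is None or len(hits) > len(best[1])):
            best = (rule, hits)
    if best is None:
        return {"malicious": False, "virus_type": None, "family": None, "matched": []}
    rule, hits = best
    return {"malicious": True, "virus_type": rule.virus_type,
            "family": rule.family, "matched": [h.decode() for h in hits]}

# Constructed dump: the strings exist only in unpacked memory, one as UTF-16LE.
SAMPLE_DUMP = (b"\x00\x13\xfe" * 16
               + "YOUR FILES ARE ENCRYPTED".encode("utf-16le")
               + b"\x90\x90\x00\xff"
               + b"cmd.exe /c vssadmin delete shadows /all /quiet\x00"
               + b"\x07" * 32)

if __name__ == "__main__":
    print(classify(SAMPLE_DUMP))
```

Requiring more than one pattern per family keeps a single commonly seen string from deciding the family on its own.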

Description

Technical field

[0001] The invention relates to the field of file detection, in particular to a sample file detection method, device, terminal equipment and storage medium.

Background

[0002] With the development of malicious code technology, the form of malicious code has also undergone great changes. Traditional anti-virus products sometimes cannot defend against new malicious code attacks.

[0003] In related technologies, a malicious code detection method for sample files is disclosed. The sample files are placed in a dynamic analysis sandbox to run, feature analysis technology is used to analyze the running status of the sample files to obtain analysis results, and whether there is malicious code in the sample file is determined according to the analysis results.

[0004] Since different malicious codes in sample files may have certain commonality during operation, it is difficult to determine the virus type and family attributes of maliciou...


Application Information

IPC(8): G06F21/53, G06F21/56
CPC: G06F21/53, G06F21/562
Inventor 罗曼
Owner 苏州三六零智能安全科技有限公司