Unlock instant, AI-driven research and patent intelligence for your innovation.
Dynamic behavior feature and software gene matching system and method
What is Al technical title?
Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
A gene and software technology, applied in the field of dynamic behavioral characteristics and software gene matching system, can solve problems such as time-consuming, no solution, low matching efficiency, etc., and achieve the effect of improving efficiency
Pending Publication Date: 2021-04-23
上海戎磐网络科技有限公司
View PDF0 Cites 1 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
[0006] However, at present, for the matching of dynamic characteristic behavior and assembly code, operators need to have strong reverse analysis ability and skilled reverse tool use ability. The efficiency of matching the dynamic behavior characteristics of the sample with the assembly code is low, and it takes a lot of manpower and time
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0029] According to an embodiment of the present invention, an embodiment of a dynamic behavioral feature and software gene matching system is provided, figure 1 is a schematic diagram of a dynamic behavioral feature and software gene matching system according to an embodiment of the present invention, such as figure 1 As shown, the system includes: a detection scheduling module 10 , a sample analysis module 20 and an intelligent matching module 30 .
[0030] The detection scheduling module 10 is configured to download malicious samples to be detected from the file storage system;
[0031] It should be noted that in this system, the detection scheduling module can download malicious samples stored in the system, and the malicious samples stored in the system are uploaded by users.
[0032] In addition, it should be noted that the above-mentioned malicious samples are executable files.
[0033] The sample analysis module 20 is configured to analyze the malicious sample to be ...
Embodiment 2
[0058] The embodiment of the present invention also provides a dynamic behavior feature and software gene matching method, the dynamic behavior feature and software gene matching device described in the first embodiment is used to implement the dynamic behavior feature and software gene matching method provided by the embodiment of the present invention Matching method, the following is a specific introduction of the dynamic behavior feature and software gene matching method provided by the embodiment of the present invention.
[0059] Such as Figure 4 as shown, Figure 4 It is a flow chart of the above-mentioned method for matching dynamic behavioral characteristics and software genes, and the method for matching dynamic behavioral characteristics and software genes includes:
[0060] Step S102, obtaining the malicious sample input by the user;
[0061] Step S104, analyzing the malicious sample to determine the dynamic behavior characteristics of the malicious sample and t...
Embodiment 3
[0065] An embodiment of the present invention also provides a computer-readable storage medium, on which a computer program is stored, and when the computer program is run by a processor, the steps of the method described in the second embodiment above are executed.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
PUM
Login to View More
Abstract
The invention provides a dynamic behavior characteristic and softwaregene matching system and method, and relates to the technical field of data processing. The system comprises a detection scheduling module, a sample analysis module and an intelligent matching module; the detection scheduling module is used for downloading a malicious sample to be detected from a file storagesystem; the sample analysis module is used for analyzing the to-be-detected malicious sample and determining dynamic behavior characteristics of the to-be-detected malicious sample and a softwaregene of the to-be-detected malicious sample; the intelligent matching module is used for matching the dynamic behavior characteristics with a target softwaregene sum by utilizing an artificial intelligencealgorithm to obtain a matching result, wherein the target software gene comprises a software gene of the malicious sample to be detected and a preset software gene, and the matching result is used for representing a corresponding relationship between the dynamic behavior characteristics and the software gene; therefore, the technical problem that in the prior art, the matching efficiency of the dynamic behavior characteristics of the malicious sample to be detected and the software gene is low is solved.
Description
technical field [0001] The invention relates to the technical field of data processing, in particular to a dynamic behavior feature and software gene matching system and method. Background technique [0002] In the prior art, the matching between the dynamic behavior characteristics of malicious samples and software genes is generally done manually. [0003] Software gene is a binary segment with functions or carrying information on the software body. It is an intermediate code after abstract processing based on assembly code, and it is a special format text data. [0004] With the development of sandbox technology, the process of dynamic detection of malicious files mostly includes: booting into the sandbox mode; obtaining file samples in the sandbox mode; performing symbolic execution on the file samples, and monitoring the symbolic execution at the same time The input data generated in and the corresponding path constraints of the file sample; when it is determined accor...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to View More 
Login to View More