Malicious code homology analysis method, device and apparatus

A malicious code homology analysis technology, applied in the fields of program code conversion, neural learning methods, and computer security devices. It addresses problems such as the inability of existing methods to meet the needs of malicious code detection, achieving accurate homology relationship detection and improved analysis results.

Pending Publication Date: 2021-05-07
南京东巽信息技术有限公司

AI Technical Summary

Problems solved by technology

[0003] In the face of a large number of new malicious codes, traditional signature-based malicious code analysis methods can no longer meet the detection requirements of malicious codes. Heuristic methods, cloud detection technology and active defense technology have been proposed and have been applied to malicious code correlation analysis and homology analysis.




Embodiment Construction

[0048] Various exemplary embodiments, features, and aspects of the present application will be described in detail below with reference to the accompanying drawings. The same reference numbers in the figures indicate functionally identical or similar elements. While various aspects of the embodiments are shown in drawings, the drawings are not necessarily drawn to scale unless specifically indicated.

[0049] The word "exemplary" is used exclusively herein to mean "serving as an example, embodiment, or illustration." Any embodiment described herein as "exemplary" is not necessarily to be construed as superior or better than other embodiments.

[0050] In addition, in order to better illustrate the present application, numerous specific details are given in the following specific implementation manners. It will be understood by those skilled in the art that the present application may be practiced without certain of the specific details. In some instances, methods, means, co...



Abstract

The invention relates to a malicious code homology analysis method, which comprises the following steps of: grouping malicious code samples in a malicious code sample set, and extracting dynamic feature information and static feature information of each malicious code sample in each group; performing numerical processing on the dynamic feature information and the static feature information of the malicious code samples in each group to obtain feature vectors of the malicious code samples in each group; performing convolution operation on the feature vectors of the malicious code samples in each group by adopting a convolutional neural network to obtain feature similarity vectors among the malicious code samples in each group; and analyzing and detecting the feature similarity vector based on a dynamic BP neural network to obtain a homology detection result between malicious code samples in each group. The convolutional neural network and the dynamic BP neural network are combined, so that the analysis result can be effectively improved when the homology of the malicious codes is analyzed, and the homologous relationship detection of the malicious codes is more accurate.

Description

Technical field

[0001] The present application relates to the technical field of information security, and in particular to a malicious code homology analysis method, device and equipment.

Background technique

[0002] With the deep application of computer networks and the continuous development of malicious code technology, malicious code has become an important factor that threatens the security of computer systems. In order to adapt to different attack target environments or achieve different attack purposes, the writers of malicious code will obtain different malicious codes through modification on the basis of an original malicious code sample. In this case, these newly generated malicious codes no longer use the deformation and polymorphic techniques in traditional malicious code survival techniques. In the new situation where malicious code attacks are more and more organized and purposeful, defining the concept of malicious code homology, analyzing and summarizi...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56, G06F8/53, G06N3/08
CPC: G06F8/53, G06F21/563, G06N3/084
Inventor: 吴来云
Owner: 南京东巽信息技术有限公司