Detection of malicious behaviour of computer program

A computer program and monitoring computer technology, applied in the field of computer science, can solve the problems of high storage and calculation requirements, difficult to overcome the code, limited public information, etc., to achieve the effect of low performance cost, increased real proportion, and improved detection accuracy
CN113196268APending Publication Date: 2021-07-30HUAWEI TECH CO LTD +1
0 Cites 0 Cited by

Patent Information

Authority / Receiving Office
CN Β· China
Current Assignee / Owner
HUAWEI TECH CO LTD
Publication Date
2021-07-30

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

Method for determining real-time malicious behavior of a computer program, such as on Android systems. A first sequence of APIs from a total sequence of intercepted APIs generated by the computer program are saved and converted into vector representation and comprise inputs, together with statistical information about API's in the first sequence and APIs in the total sequence, for determining whether the behavior of the computer program constitutes abnormal behavior of the computer program.Determining uses pre-trained dataset and model in various types of machine learning.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to computer science, in particular to a real-time detection of whether the behavior of a computer program is abnormal. Judging based on the following inputs: 1. Selecting a recent subset of system class calls from a large set of intercepted system class calls of computer programs. 2. Statistics related to system class calls in subsets and large collections. The pre-trained judgment module uses machine learning to judge whether an input indicates anomalous behavior. In order to reduce the computation and storage requirements of devices such as mobile devices, the input is converted into a vector representation, only a recent subset is stored, and the statistics include information that is relatively old. Background technique

[0002] According to a report by G Data, an information security company (C. Luek "8,400 New Android Malware Samples Every Day"), 8,400 Android malware were found every day in 2017, that is, a new Android ma...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More