Malicious event positioning method and system, storage medium and terminal

A positioning method and malicious technology, applied in the field of network security, can solve the problems of malicious influence, the inability to completely block and dispose of malware, and the inability of users to know the execution process of malware, so as to prevent recurrence and improve the effect of protection

Pending Publication Date: 2021-08-27
SANGFOR TECH INC
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Since the analysis and detection are only performed on the detected point, the user cannot know the malware execution process; secondly, the prevention and disposal of malicious behaviors or malicious events become single-point prevention and single-point disposal, and the malware cannot be completely blocked and disposed of. It may run again, causing malicious effects

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious event positioning method and system, storage medium and terminal
  • Malicious event positioning method and system, storage medium and terminal
  • Malicious event positioning method and system, storage medium and terminal

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] In order to make the purposes, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments It is a part of the embodiments of this application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0041] The current detection process for malware only uses single-point detection, that is, to analyze the detected point, but the detected point is usually only a certain process of malware or a malicious file generated, so that blocking and disposal become single-point blocking And single-point disposal, it is impossible to completely prevent and di...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a malicious event positioning method. The method comprises the following steps: confirming a malicious event detection point; respectively performing upward backtracking and downward backtracking on the malicious event detection point in a database, and determining a target original event associated with the malicious event detection point; constructing a malicious behavior logic relationship according to the execution sequence of the target original event; determining a malicious attack process corresponding to the malicious event detection point according to the logical relationship, wherein the malicious attack process is used for positioning all malicious events associated with the malicious event detection point. According to the method and the device, the malicious event can be thoroughly resisted and handled, the malicious event is prevented from relapsing due to incomplete handling, and the protection effect when the equipment is attacked by malicious software is effectively improved. The invention also provides a malicious event positioning system, a computer readable storage medium and a terminal, which have the above beneficial effects.

Description

technical field [0001] The present application relates to the field of network security, in particular to a method for locating malicious events, a locating system, a computer-readable storage medium, and a terminal. Background technique [0002] At present, the malware detection process only analyzes and detects the detected point. The detected point is a single point detected in the malware detection process, generally referring to a file or a process. Since the analysis and detection are only performed on the detected point, the user cannot know the malware execution process; secondly, the prevention and disposal of malicious behaviors or malicious events become single-point prevention and single-point disposal, and the malware cannot be completely blocked and disposed of. It may run again, causing malicious effects. [0003] Therefore, how to effectively deal with malicious software is a technical problem urgently needed to be solved by those skilled in the art. Conte...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1441H04L2463/146
Inventor 陈之望
Owner SANGFOR TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap