Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for monitoring change situation of malicious codes and computer equipment

A malicious code and situation technology, applied in computer security devices, computing, instruments, etc., can solve the problem of inability to accurately monitor the changing situation of malicious code, and achieve the effect of accurately monitoring the changing situation, improving the monitoring strength, and accurately spreading the method.

Pending Publication Date: 2021-10-01
TENCENT TECH (SHENZHEN) CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The embodiment of the present application provides a method, device and computer equipment for monitoring the changing situation of malicious codes, which can solve the problem that the changing situation of malicious codes cannot be accurately monitored

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for monitoring change situation of malicious codes and computer equipment
  • Method and device for monitoring change situation of malicious codes and computer equipment
  • Method and device for monitoring change situation of malicious codes and computer equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0084] In order to make the technical solutions and advantages of the present application clearer, the implementation manners of the present application will be further described in detail below.

[0085] The terms used in the embodiments of the present application are explained below:

[0086] Malicious code: the code inserted into the program by the programmer to destroy terminal functions or data, that is, a virus.

[0087] Virus family: A general term for viruses and their variants. There is a relationship or similarity between files and related information of the same virus family.

[0088] Breadth of distribution: The number of users for which a particular message exists. For example, if file A appears on terminals of N users, then the distribution breadth of file A is N.

[0089]The embodiment of the present application provides an application scenario for monitoring changes in malicious codes. The application scenario is mainly applied to security software for check...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and device for monitoring the change situation of malicious codes and computer equipment, and belongs to the technical field of terminals. The method for monitoring the change situation of the malicious codes provided by the embodiment of the invention comprises the following steps: acquiring target network data according to a to-be-monitored target object; generating a relation graph according to the target object and the target network data; according to the relation graph, generating a directed graph taking the target object as a starting point; determining existing nodes and newly added nodes in a relation path according to the relation path in the directed graph; and determining the change situation of the current target object according to the increase of the distribution breadth of the existing nodes and the distribution breadth of the newly added nodes. According to the method, the propagation mode of the malicious code can be known more accurately by monitoring the change of the node distribution breadth in the relation path associated with the malicious code and the variant thereof, so that the monitoring strength on the malicious code is improved, and the change situation of the malicious code is accurately monitored.

Description

technical field [0001] The present application relates to the field of terminal technology, in particular to a method, device and computer equipment for monitoring the changing situation of malicious codes. Background technique [0002] With the development of the terminal technology, its wide application makes the terminal become the target of malicious code, that is, virus attack. Malicious code is the code inserted by the compiler into the program to destroy terminal functions or data. It is contagious and infectious, and will affect the use of the terminal. Therefore, it is very necessary to monitor the changing situation of malicious code. [0003] The related technology mainly extracts the characteristics of known malicious codes, then determines whether there is a new file matching the characteristics, and monitors the changing situation of the malicious codes according to the change data of the new files relative to the existing files. [0004] However, malicious c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56
CPCG06F21/563
Inventor 彭宁程虎谭昱刘敏沈江波杨耀荣曹有理吕承琨
Owner TENCENT TECH (SHENZHEN) CO LTD