
Malicious file detection method and device and storage medium

A malicious file detection technology, applied in the computer field, that addresses problems such as the inability to effectively detect packed and encrypted files.

Pending Publication Date: 2021-12-31
HUAWEI TECH CO LTD

AI Technical Summary

Problems solved by technology

[0004] The embodiments of the present application provide a method for detecting malicious files, which can solve the problem that the traditional static detection method cannot effectively detect packed and encrypted files.


Embodiment Construction

[0055] Embodiments of the present application are described below in conjunction with the accompanying drawings. With the emergence of new application scenarios, the technical solutions provided by the embodiments of the present invention are also applicable to similar technical problems.

[0056] The terms "first", "second" and the like in the specification and claims of the present application and the above drawings are used to distinguish similar objects, and are not necessarily used to describe a specific order or sequence. The naming or numbering of the steps in this application does not mean that the steps in the method flow must be executed in the time / logic sequence indicated by the naming or numbering. The execution order of the steps may be changed according to the technical purpose to be achieved, as long as the same or similar technical effect can be achieved. Figure 1 is a schematic diagram of an application scenario of a malicious file detection method provided by the embodiment of the present appli...


Abstract

The malicious file detection method comprises the following steps. A detection device runs a test file in a virtual running environment to obtain running data of the test file. The running data comprises incremental memory data or parameter data: the incremental memory data is data stored in memory space requested by the test file during its run, and the parameter data comprises data corresponding to each parameter in a first calling parameter set, which comprises the parameters used when the test file calls the target function one or more times during its run. Static detection is then performed on at least one reconstruction file generated from the running data, and whether the test file is a malicious file is judged according to the static detection result. Because the reconstruction file is generated from the running data of the test file in the virtual running environment, and the verdict is based on the static detection result for that reconstruction file, the technical solution effectively solves the problem of poor detection of obfuscated malicious files.
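The flow in the abstract, sketched as an added example that is not code from the patent or its applicant: running data is turned into reconstruction files, and only those are statically matched. The `RunData` layout, the way call parameters are joined, the signature set and the XOR-encoded sample are all constructed assumptions; the virtual running environment itself is replaced by pre-recorded data.

```python
from dataclasses import dataclass, field

# Constructed signature set standing in for a static feature library (assumption).
SIGNATURES = {"demo.marker": b"CONSTRUCTED-TEST-MARKER"}

@dataclass
class RunData:
    # (address, bytes) pairs: memory the sample requested while running
    incremental_memory: list = field(default_factory=list)
    # one list of byte-string arguments per call to the monitored target function
    parameter_data: list = field(default_factory=list)

def static_detect(blob: bytes) -> list:
    """Feature matching on bytes only; nothing is executed."""
    return sorted(name for name, pat in SIGNATURES.items() if pat in blob)

def reconstruct_files(run: RunData) -> list:
    """Build reconstruction files from running data (layout is an assumption)."""
    files = []
    if run.incremental_memory:
        # Join regions in address order so content split across
        # allocations becomes contiguous again before matching.
        ordered = sorted(run.incremental_memory, key=lambda r: r[0])
        files.append(b"".join(data for _, data in ordered))
    for call_args in run.parameter_data:
        files.append(b"".join(call_args))
    return files

def is_malicious(run: RunData) -> bool:
    """Verdict: any reconstruction file matches the static feature library."""
    return any(static_detect(f) for f in reconstruct_files(run))

# Constructed sample: the on-disk form is XOR-encoded, so the marker is absent.
PLAINTEXT = b"header|CONSTRUCTED-TEST-MARKER|trailer"
PACKED = bytes(b ^ 0x5A for b in PLAINTEXT)
# Constructed running data, recorded out of address order and split mid-marker.
RUN = RunData(
    incremental_memory=[(0x2000, PLAINTEXT[18:]), (0x1000, PLAINTEXT[:18])],
    parameter_data=[[b"arg0", b"arg1"]],
)

if __name__ == "__main__":
    print("static on packed file:", static_detect(PACKED))
    print("static per region:", [static_detect(d) for _, d in RUN.incremental_memory])
    print("verdict from reconstruction:", is_malicious(RUN))
```

Scanning the encoded file or any single memory region finds nothing; the match appears only once the regions are reassembled into one reconstruction file.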

Description

Technical field

[0001] The invention relates to the technical field of computers, in particular to a method, device and storage medium for detecting malicious files.

Background technique

[0002] A malicious file refers to a file containing a program written by a program designer for the purpose of attacking. A malicious file is usually an executable file, such as a virus, worm, or Trojan horse program that performs malicious tasks on a computer system. Malicious files exploit computer system vulnerabilities to perform malicious tasks such as stealing confidential information and destroying stored data. Static detection technology is a common technology for detecting malicious files. Static detection technology refers to the method of program analysis without running the computer program. Static detection technology performs feature matching on the test file based on the feature library, such as analyzing the source code, assembly, syntax, structure, process or interface of th...


Application Information

IPC(8): G06F21/53, G06F21/56
CPC: G06F21/53, G06F21/562
Inventor: 奚振弟, 陈甲
Owner HUAWEI TECH CO LTD