Unlock instant, AI-driven research and patent intelligence for your innovation.

Attack code detection method and device, electronic equipment, program and storage medium

A code detection and code technology, used in computer security devices, electrical digital data processing, instruments, etc., can solve the problems of complex identification process and low identification efficiency, and achieve the effect of simple identification process and improved identification efficiency.

Pending Publication Date: 2022-06-24
QI-ANXIN LEGENDSEC INFORMATION TECH (BEIJING) INC +1
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention provides an attack code detection method, device, electronic equipment, program, and storage medium, which are used to solve the problem that the existing attack code identification method needs to establish a feature library based on a large amount of data, the identification process is relatively complicated, and the identification efficiency is low. Defects, realize the identification of attack codes in a simple way, and improve the identification efficiency

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack code detection method and device, electronic equipment, program and storage medium
  • Attack code detection method and device, electronic equipment, program and storage medium
  • Attack code detection method and device, electronic equipment, program and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] In order to make the objectives, technical solutions and advantages of the present invention clearer, the technical solutions in the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are part of the embodiments of the present invention. , not all examples. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

[0039] figure 1 A schematic flowchart of the attack code detection method provided in this embodiment, the attack code detection method can be executed by a device (server or terminal) to be subjected to attack code detection, for example, the attack code detection method can be executed by a Linux server, specifically by The implementation of the protection driver module implanted in the Linux server, see figure...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an attack code detection method and device, electronic equipment, a program and a storage medium, and the method comprises the steps: obtaining a return address of a call function in a process stack range in a system, and determining that the system has an attack code if the return address does not belong to a system configuration address for storing an executable file of the system. The attack code is directly detected by obtaining the return address of the calling function, a feature library does not need to be established, the recognition process is simple, and the recognition efficiency of the attack code is improved.

Description

technical field [0001] The invention relates to the technical field of information security protection, in particular to an attack code detection method, device, electronic device, program and storage medium. Background technique [0002] Network devices inevitably have loopholes, and attackers will use these loopholes to construct a piece of attack code to attack network devices. For example, attackers will use attack codes to escalate privileges, execute programs, and connect to remote machines in network devices, so as to achieve the purpose of arbitrarily controlling network devices. For example, the attack code shellcode of the Linux server used for the attack. [0003] In the prior art, the call chain sequence of the system call needs to be learned in advance, and a normal behavior feature library is established, and then the sequence of the system call of the system and the normal sequence feature library are matched to identify the exploit behavior. However, this m...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/566
Inventor 徐荣维王健齐向东吴云坤
Owner QI-ANXIN LEGENDSEC INFORMATION TECH (BEIJING) INC