Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for judging whether a know program has been attacked by employing program behavior knowledge base

A knowledge base and attacked technology, applied in the direction of instruments, electrical digital data processing, digital data processing components, etc., can solve problems such as ports and protocols cannot be set, virus or hacker intrusion, affecting the normal operation of the network, etc.

Active Publication Date: 2013-01-02
北京东方微点信息技术有限责任公司
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Its main defects are: 1. It requires users to be very familiar with the system in order to effectively set it; 2. Because the monitoring particles are too large, it is basically impossible to set the ports and protocols that must be used in network applications. If allowed to pass, it may cause Virus or hacker intrusion occurs; if it is not allowed to pass through, it may directly affect the normal operation of the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for judging whether a know program has been attacked by employing program behavior knowledge base

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] The method for judging that a known program is attacked by using the program behavior knowledge base of the present invention will be described in detail below in conjunction with an example.

[0038] The program behavior knowledge base is a database that uses automatic tools to analyze and list the actions and behaviors that may affect computer security executed by legal known programs one by one, and stores the analysis list.

[0039] In the method of using the program behavior knowledge base of the present invention to judge that a known program is attacked, the action behavior is divided into: monitoring action, which means that the action may affect computer security and needs to be monitored in real time; dangerous action, the action is first A monitoring action that may threaten computer security while the program is running. In addition, non-monitoring actions that do not affect computer security and do not need to be monitored will not be monitored and recorded...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a judgment method of known attacked program, which is characterized by the following: comparing the known program behavior with the stored legal program behavior in the knowledge base; judging the known program whether to be attacked. The invention improves the efficiency and precision without depending virus code, which expands the knowledge base through the user self-defining value to the program behavior.

Description

technical field [0001] The invention relates to a computer virus and attack protection method, in particular to a method for judging that a known program is attacked by using a program behavior knowledge base. Background technique [0002] For a long time, the struggle against computer virus invasion and anti-invasion has been going on fiercely. With the use of computers more and more widely, the intensity of this struggle has also risen to a new height. After long-term struggle and practice, people have summed up many specific methods to prevent the invasion of computer viruses, and developed many corresponding prevention products. These products can be roughly divided into two categories. One is to isolate intruding viruses, such as firewalls, which prevent the entry of intruding viruses by restricting communication ports and protocols; the other is to isolate virus-infected files that may form intrusions. Searching, such as anti-virus software, uses the code characterist...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F1/00
Inventor 刘旭
Owner 北京东方微点信息技术有限责任公司