181 results about "Backdoor" patented technology

This patent concerns novel technology for detecting backdoors of neural network, particularly deep neural network (DNN), classifiers. The backdoors are planted by suitably poisoning the training dataset, i.e., a data-poisoning attack. Once added to input samples from a source class (or source classes), the backdoor pattern causes the decision of the neural network to change to a target class. The backdoors under consideration are small in norm so as to be imperceptible to a human, but this does not limit their location, support or manner of incorporation. There may not be components (edges, nodes) of the DNN which are dedicated to achieving the backdoor function. Moreover, the training dataset used to learn the classifier may not be available. In one embodiment of the present invention which addresses such challenges, if the classifier is poisoned then the backdoor pattern is determined through a feasible optimization process, followed by an inference process, so that both the backdoor pattern itself and the associated source class(es) and target class are determined based only on the classifier parameters and a set of clean (unpoisoned attacked) samples from the different classes (none of which may be training samples).

Described is a system for detecting backdoor attacks in deep convolutional neural networks (CNNs). The system compiles specifications of a pretrained CNN into an executable model, resulting in a compiled model. A set of Universal Litmus Patterns (ULPs) are fed through the compiled model, resulting in a set of model outputs. The set of model outputs are classified and used to determine presence of a backdoor attack in the pretrained CNN. The system performs a response based on the presence of the backdoor attack.

The invention discloses a webpage backdoor detecting method and device, and aims at solving the problem of low detection efficiency in the prior art. The method comprises that a first web flow of a protected host is obtained; a webpage access record of the protected host is generated according to the first web flow, and used to store at least one URL, IP addresses accessing each URL, and the totalaccess frequency of each URL, and each URL identifies one webpage provided by the protected host; according to the webpage access record, a suspected URL is determined from the at least one URL, thetotal access frequency of the suspected URL is lower than a first threshold, and the ratio of number of different IP addresses which access the suspected URL to the total access number of the suspected URL is lower than a second threshold; and whether the webpage identified by the suspected URL includes a backdoor characteristic is determined, and the webpage identified by the suspected URL includes a webpage backdoor is determined according to a backdoor characteristic determining result.

The invention belongs to the technical field of neural network security, and particularly relates to a backdoor attack method of a video analysis neural network model. For more severe backdoor attackimplementation environments such as a high sample dimension, a high frame resolution and a sparse data set of a video, a video backdoor pollution sample construction framework is used for carrying outbackdoor attack on a video analysis neural network model. The video backdoor pollution sample construction framework comprises three parts: a task-oriented model high-sensitivity video backdoor modegeneration algorithm, a feature fuzzy model low-sensitivity anti-noise video sample generation algorithm and a pollution sample generation and attack algorithm; gradient information is introduced fromtwo aspects of a backdoor mode and an original sample to establish association between an attack target value and the backdoor mode. The method provided by the invention has the advantages of high attack success rate, high secrecy, good robustness, good expansibility and the like, and has very good generalization in a video analysis neural network model.

The invention belongs to the technical field of network security, and discloses a mimicry switch decision system based on trusted measurement, and the system comprises a forwarding plane, a managementinterface agent, an intermediate adaptation module, a forwarding plane agent, a plurality of heterogeneous actuators, a trusted measurement-based mimicry decision module and a situation awareness andnegative feedback scheduling module. The invention further discloses a mimicry switch judgment method based on trusted measurement. The mimicry switch judgment method comprises the steps: setting mimicry switch judgment elements; distributing input information; collecting output information; carrying out mimicry decision based on credibility measurement; issuing a judgment result, sensing the threat situation of the switch, and scheduling an executor; the mimicry decision based on credibility measurement comprises the following steps: establishing an executive credible index tree; collectingand updating the credible index data of the executive body; calculating the credible weight of the output result of each executive body; and calculating the credibility of each output result. The method can effectively reduce the influence of unknown loopholes and potential backdoors, and improves the safety protection level of a local area network.

The invention relates to a power grid Web application mimicry defense system. A heterogeneous virtual Web server pool which is equivalent in function, diversified and dynamic is constructed, technologies such as redundancy voting, dynamic executor scheduling and database instruction isomerization are adopted, an attack chain is blocked, the utilization difficulty of vulnerabilities or backdoors isincreased, and the availability and safety of Web services are guaranteed. A dynamic environment is realized through active change of software and hardware elements of different layers such as a network, a platform, a system, software and an application, and therefore, the dependency condition of the network attack on the determinacy and continuity of the operating environment is destroyed, controllable active defense is realized in the toxic bacteria-carrying software and hardware element environment with the vulnerability and the backdoor, the unknown attack defense problem by using the unknown vulnerability and the unknown backdoor is solved, and the network security of the key Web application system in the power industry is effectively enhanced.

The invention discloses a webshell detection method and device based on artificial intelligence. The method comprises the following steps: step A, acquiring sample data of a webshell backdoor file; B,performing feature extraction on a webshell backdoor file sample to generate feature vectors of supervised learning, the feature vectors of supervised learning including at least one of text features, byte code features and abnormal behavior features; C, respectively establishing a learning model of each feature vector according to the feature vectors of the supervised learning; and D, detectingthe network flow by using the learning model.

The invention belongs to the technical field of computer security, and relates to an anomaly detection method in website security, in particular to a website backdoor detection method based on a convolutional neural network model. The method comprises the following steps: 1, extracting a common webpage file sample from a website server, searching malicious backdoor file samples from the internet,deleting redundant information such as annotations and the like, and dividing into a training set and a test set; 2, preprocessing the data extracted in the step 1; 3, establishing a convolutional neural network, and training the convolutional neural network according to the data obtained in the step 2 to obtain a convolutional neural network model; and 4, detecting whether the webpage file samplein the website server has a backdoor file sample in real time according to the model obtained in the step 3. The model trained by the method can detect Webshells of multiple languages, has a good detection effect on samples hidden through obfuscated coding, and is high in accuracy and good in recall rate and F1 value effect.

The invention relates to an active defense method of program behavior analysis on the basis of a cloud platform. A system comprises a cloud end and a cloud client, wherein the cloud end consists of a malicious code behavior analysis module, a program behavior monitoring module and a malicious code processing module, and the cloud client comprises a program behavior monitoring module, a malicious code behavior identification module and a malicious code processing module. The active defense method has the advantages that the cloud platform is introduced, in addition, the behavior algorithm identification program of the program behavior analysis, identification and processing is used as the basis, the security risk static defense capability of a host computer system can be intelligently improved, the security defense capability of a terminal host computer is effectively improved, the infection probability of the terminal host computer on malicious codes such as viruses, Trojan, backdoor program and the like is reduced, and the security of the host computer is ensured.

The invention relates to a big data-based source code comprehensive evaluation platform. The platform comprises four subsystems including a front-end system, a back-end system, a detection system anda data acquisition and storage system; the front-end system is used for data display and user interaction; the back-end system is used for system configuration, task scheduling, detection result analysis, storage and exchange; the detection system is used for implementation and detection analysis of various system detection functions and algorithms, and can be customized and expanded; and the dataacquisition and storage system is used for data acquisition, cleaning, updating, backup, synchronization and storage. Therefore, the platform can be deployed in a computer cluster or deployed in a single machine. A massive source code knowledge base is established through the big data platform; a plurality of special detection algorithms and acceleration algorithms can be utilized; and the demands of source code cloning, static detection, vulnerability detection, trojan backdoor detection, workload evaluation, scientific and technological content evaluation, intellectual property protection and the like can be comprehensively met.

This patent concerns novel technology for detecting backdoors in neural network, particularly deep neural network (DNN) classification or prediction/regression models. The backdoors are planted by suitably poisoning the training dataset, i.e., a data-poisoning attack. Once added to an input sample from a source class of the attack, the backdoor pattern causes the decision of the neural network to change to the attacker's target class in the case of classification, or causes the output of the network to significantly change in the case of prediction or regression. The backdoors under consideration are small in norm so as to be imperceptible to a human or otherwise innocuous/evasive, but this does not limit their location, support or manner of incorporation. There may not be components (edges, nodes) of the DNN which are specifically dedicated to achieving the backdoor function. Moreover, the training dataset used to learn the classifier or predictor/regressor may not be available. In one embodiment of the present invention, which addresses such challenges, if the classifier or predictor/regressor is poisoned then the backdoor pattern is determined through a feasible optimization process, followed by an inference process, so that both the backdoor pattern itself and the associated source class(es) and target class are determined based only on the classifier or predictor/regressor parameters and using a set of clean (unpoisoned) samples, from the different classes (none of which may be training samples).

Malware analysis and root-cause analysis, and information security insights based on Operating System sampled data. Sampled data includes structured logs, Operating System Snapshots, programs and/or processes and/or kernel crashes, crash dumps, memory dumps, stackshots, simulated crashes or samples. The sampled data contains payload for extraction for the purpose of detection, evaluation and reproduction of threats, infection vector, threat actors and persistence methods in the form of backdoors or Trojans or exploitable vulnerabilities used for initial infiltration or lateral movement.

Methods and apparatuses for malware analysis and root-cause analysis, and information security insights based on Operating System sampled data such as structured logs, Operating System Snapshots, programs and/or processes and/or kernel crash dumps or samples containing payload for extraction for the purpose of detection and evaluation of threats, infection vector, threat actors and persistence methods in the form of backdoors or Trojans or unknown exploitable vulnerabilities used.

The invention discloses a federal learning backdoor attack defense method based on DAGMM, and the method comprises the following steps: (1) a client receives a global model, and trains and uploads a local model and a corresponding neuron activation condition; (2) the server receives the update and calculates the loss of the corresponding client by using the DAGMM; and (3) defense is performed based on multi-round reconstruction errors. According to the invention, the model can be effectively protected from backdoor attack.

The invention provides an attack test method, a host server and a control server, and solves a problem of how to carry out an attack test on a core network service surface. The method comprises stepsthat when a distributed denial of service DDoS test is carried out, the first test control information is acquired, and the first test indication information is used for indicating to carry out an attack test; attack traffic is generated according to the first test control information; and the attack traffic is sent to a service plane network element. The method is advantaged in that the virtual host is controlled by the control server, so large-scale DDoS attacks can be safely and effectively simulated, and diffusion threats of backdoor programs and harm caused by botnets do not need to be considered.

The invention relates to an industrial network endogenous security boundary protection method, device and system, and the method comprises the steps: monitoring and collecting production management network data traffic through a network card, caching the data traffic, and distributing the data traffic to a plurality of heterogeneous filtering review executors; filtering and reviewing the address, the protocol, the industrial control protocol and the control parameter in the data flow by using a filtering and reviewing executor, and outputting a reviewing result; performing mimicry judgment on the review results output by the plurality of heterogeneous filtering review executors, and determining whether to forward the data traffic to the field control network based on the mimicry judgment results and discriminating the abnormal executors to dynamically schedule the executors for filtering and reviewing the data traffic to be online and offline. Aiming at security threats faced by the industrial network boundary protection equipment, a mimicry defense technology is combined, a filtering review function is stripped out, and the uncertainty threats caused by unknown vulnerabilities or backdoors of the industrial network boundary protection equipment are relieved through heterogeneous and redundancy filtering review execution bodies.

The invention provides a website back door detection method and device. The website backdoor detection method comprises steps of putting a file of a website to be detected into an independent space isolated from a practical execution environment of the file of the website to be detected for operation; constructing an external parameter carrying a danger label and supplying the external parameter to the file of the website to be detected by responding to an external parameter obtaining request transmitted by the file of the website to be detected during operation in the independent space, wherein the external parameter carrying the danger label goes through a booking string processing function and the danger label is maintained; determining whether the file of the website to be detected executes the danger function during a process of operating in the independent space and whether the parameter of the danger function has the danger label; if afacts that the file of the website to be detected executes the danger function in the process of operating in the independent space and the danger function calls the parameter with the danger labels is determined, detecting that the file of the website to be detected is a backdoor file. The embodiment of the website back door detection method and device can effectively detect the backdoor of the website.

The invention discloses a solution for a cloud Web application to cope with virtual host layer attacks. The method comprises the steps: creating heterogeneous servers on the cloud, and achieving the data consistency of all the servers through shared storage; achieving the dynamic change of the server through a certain flow forwarding strategy, so as to present a dynamic change target which is difficult to observe and predict for an attacker, thereby increasing the attack difficulty and cost for unknown vulnerabilities and backdoors; and finally, through offline and self-healing of the attackedserver, achieving a purpose that the service is not interrupted. According to the invention, dynamic heterogeneous redundant server deployment is realized, and known and unknown attacks in the network can be solved.

The invention discloses a webpage log attack information detection method, system and device and a readable storage medium, and the method comprises the steps: obtaining a webpage log, carrying out the splitting of the webpage log through a data cleaning model, and obtaining a data segment; merging the request responses in the data fragments in series according to a timeline by utilizing a keywordanalysis model to obtain a flow portrait; utilizing a webpage backdoor analysis model to retrieve malicious codes in the webpage logs; performing sandbox test on the malicious code to obtain a test result; and adding a test result in the flow portrait, and obtaining a webpage backdoor attack timeline. According to the method, the webpage log is processed, so that the webpage backdoor attack timeline used for tracking the attacker and restoring the attack process can be finally obtained, and powerful reference evidences are provided for capturing the attacker in time and preventing the attacker from committing a crime next time.

Mechanisms are provided for evaluating a trained machine learning model to determine whether the machine learning model has a backdoor trigger. The mechanisms process a test dataset to generate outputclassifications for the test dataset, and generate, for the test dataset, gradient data indicating a degree of change of elements within the test dataset based on the output generated by processing the test dataset. The mechanisms analyze the gradient data to identify a pattern of elements within the test dataset indicative of a backdoor trigger. The mechanisms generate, in response to the analysis identifying the pattern of elements indicative of a backdoor trigger, an output indicating the existence of the backdoor trigger in the trained machine learning model.

The invention relates to a backdoor confrontation sample generation method of a PE malicious software detection model based on R-DBSCAN, and belongs to the field of computer malicious software detection. The method mainly aims at solving the problem that a malicious software detection model is high in attack difficulty under the black box condition. The method comprises the following steps: firstly, acquiring a PE sample from a public data set, training a proxy training model, and reducing the dimension of the data set by adopting an SHAP value; clustering the samples by adopting an R-DBSCAN method, and taking a center node of each cluster as a sampling point to construct a new data set; training a neural network model; respectively inputting malicious and benign sample files, and recording neurons which greatly influence a classification result according to the weight change condition of the neurons in the neural network; embedding a character string with any length into the empty PE file, taking a character string which greatly influences the character string according to the weight change condition of the neuron, and recording the neuron; embedding a trigger into an original malicious PE file, and modifying a label to achieve adversarial training of a neural network.

The invention belongs to the technical field of Internet, and particularly relates to a data set protection and verification method based on backdoor attacks, which comprises the following steps: setting the proportion of watermarks gamma according to actual requirements; dividing the original data set into a benign sample data set Dbenign and an attack sample data set Dattack according to gamma;adding watermarks to the attack sample data set Dattack obtained after division, and obtaining a processed attack sample data set Dmodified; and mixing the processed attack sample data set Dmodified with the benign sample data set Dbenign to obtain a watermark data set Dwatermarked. According to the method, attack samples are set by adding triggers to part of the samples, so that when the model istrained by using a standard training process on a watermark data set, a hidden backdoor can be specified while the prediction precision of benign samples is maintained. The method is used for protecting the data set.