
A method and system for detecting malicious codes of Gaowei stealing secrets based on backtracking

A technology for detecting Gaowei secret-stealing malicious code, applied in the direction of platform integrity maintenance, etc. It addresses the problem that Gaowei secret-stealing malicious code cannot be detected or is detected with a lag, and achieves quick discovery of code that is difficult to detect.

Active Publication Date: 2016-07-06
BEIJING ANTIY NETWORK SAFETY TECH CO LTD

AI Technical Summary

Problems solved by technology

[0005] In view of the above-mentioned technical problems, the present invention provides a method and system for detecting Gaowei secret-stealing malicious code based on reverse tracing. code, and utilize correlation comparison technology to detect the associated Gaowei secret-stealing malicious code. The method overcomes the shortcomings of traditional malicious code detection methods, which cannot detect Gaowei secret-stealing malicious code and lag in detection.


Embodiment Construction

[0052] The present invention provides a method and system for detecting malicious code based on backtracking. To enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purpose, features and advantages of the present invention more obvious and easier to understand, the technical solution of the present invention is described in further detail below in conjunction with the accompanying drawings:

[0053] The present invention first provides a method for detecting Gaowei secret-stealing malicious code based on reverse tracing, as shown in Figure 1, including:

[0054] S101: Preset in the system a decoy file containing sensitive words in its file name or file content, and create a keyword library composed of sensitive words;

[0055] S102: Monitor the decoy file, and judge whether there are processes and / or threads performing illegal ope...

Abstract

The invention discloses a method and system, based on backward tracing, for detecting high-power secret-information-stealing malicious code. The method comprises: presetting a bait file and a keyword base in the system; if the bait file is monitored and a process and / or thread performs an illegal operation on the bait file, or if a system file is monitored and a process and / or thread performs an illegal operation on the system file, performing keyword base matching on the system file; if a sensitive word in the keyword base is found in the system file, locating the process and / or thread, and locating the executable files related to the process and / or thread; performing white list matching; if the matching fails, determining that the file is a high-power secret-information-stealing malicious code file; and performing relevance comparison based on that file to acquire other related high-power secret-information-stealing malicious code files. The method thereby overcomes the defect that existing malicious code detection methods cannot detect high-power secret-information-stealing malicious code, and its detection is timely, without lag.
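The flow in the abstract, from bait-file trigger through white list matching, sketched as an added example; it is not code from the patent. The event record, the set of operations treated as illegal, the SHA-256 white list and all sample paths are assumptions constructed for illustration, and the relevance-comparison step is left out because the page does not say how it is done.

```python
import hashlib
from dataclasses import dataclass

KEYWORDS = {"confidential", "salary", "contract"}  # keyword base (constructed)
BAIT_FILES = {"/home/u/confidential_budget.docx"}  # preset bait file (constructed)
ILLEGAL_OPS = {"read", "copy", "archive"}          # assumption: ops treated as illegal

@dataclass
class Event:          # one monitored file operation (hypothetical record shape)
    pid: int
    exe: str          # executable backing the process
    op: str
    target: str

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def has_sensitive_word(path, contents):
    """Keyword-base matching over the file name and the file content."""
    text = (path + " " + contents.get(path, "")).lower()
    return any(word in text for word in KEYWORDS)

def detect(events, contents, exe_bytes, white_list):
    """Return {exe_path: {pids}} for executables that fail white list matching."""
    flagged = {}
    for ev in events:
        if ev.op not in ILLEGAL_OPS:
            continue
        # Trigger: illegal operation on a bait file, or on a monitored file
        # in which a sensitive word from the keyword base is found.
        if ev.target not in BAIT_FILES and not has_sensitive_word(ev.target, contents):
            continue
        # Back-trace: process -> executable file -> white list (hash) check.
        if sha256(exe_bytes[ev.exe]) not in white_list:
            flagged.setdefault(ev.exe, set()).add(ev.pid)
    return flagged

# Constructed sample data: file contents, executable images, monitored events.
CONTENTS = {"/srv/share/q3_terms.txt": "Draft contract terms", "/var/log/app.log": "started"}
EXE_BYTES = {"/usr/bin/backupd": b"backup-agent-v1", "/tmp/.cache/upd": b"unknown-binary"}
WHITE_LIST = {sha256(b"backup-agent-v1")}
EVENTS = [
    Event(101, "/usr/bin/backupd", "read", "/home/u/confidential_budget.docx"),
    Event(202, "/tmp/.cache/upd", "read", "/home/u/confidential_budget.docx"),
    Event(203, "/tmp/.cache/upd", "copy", "/srv/share/q3_terms.txt"),
    Event(303, "/tmp/.cache/upd", "read", "/var/log/app.log"),
    Event(404, "/tmp/.cache/upd", "stat", "/home/u/confidential_budget.docx"),
]

if __name__ == "__main__":
    print(detect(EVENTS, CONTENTS, EXE_BYTES, WHITE_LIST))
```

The white-listed backup agent touching the bait file is not reported, while the unlisted executable is reported for both the bait-file read and the copy of a file containing a keyword.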

Description

Technical field

[0001] The present invention relates to the technical field of information security, in particular to a backtracking-based method and system for detecting Gaowei secret-stealing malicious code.

Background technique

[0002] The attack behavior of Gaowei secret-stealing malicious code is extremely well concealed, and usually uses vulnerabilities in trusted applications within an enterprise or institutional network to form the network environment required by the attacker. It is also highly targeted: before the attack is triggered, it is usually necessary to become familiar with the user's network environment, collect a large amount of accurate information about the user's business processes and the usage of the target system, and locate the storage location and communication method of key information. In particular, collecting all kinds of 0days for the attacked environment is an important link.

[0003] Gaowei secret-stealing malicious code uses various 0day vuln...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/56
Inventor: 刘佳男布宁宋兵李柏松
Owner: BEIJING ANTIY NETWORK SAFETY TECH CO LTD