
Method and system for realizing malicious code marking

This technology, applied in the field of malicious code labeling based on texture clustering, can solve problems such as low accuracy of family labeling and inconsistent labeling methods.

Active Publication Date: 2015-10-14
BEIJING VENUS INFORMATION SECURITY TECH +1

AI Technical Summary

Problems solved by technology

[0008] To sum up, in the current malicious code classification and labeling methods, the labeling methods are not uniform, and the accuracy of family labeling is not high.


Examples


Embodiment 1

[0171] When a user's request to mark malicious code is received, the malicious code submitted by the user is cached, according to the number of concurrent submissions, using a message queue (such as RabbitMQ, Redis, ActiveMQ, etc.), and sent sequentially, on the first-in-first-out (FIFO) principle, to the labeling servers. That is, each malicious code is sent to both the benchmark labeling server and the deep labeling server.

[0172] The method includes the following steps:

[0173] For each malicious code, the information digest of its PE file is obtained and used as the information digest signature of that malicious code.

[0174] It should be noted that if the PE file of the malicious code is sent directly to the benchmark labeling server and the deep labeling server at the same time, both servers need to obtain the same information digest as the information digest signature. In order to...
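The queueing and fan-out in [0171] to [0174] can be sketched as follows. This is an added example, not code from the patent: it shows why a shared digest signature matters, since it is the key on which the two servers' results are joined. The `LabelingServer` class, the placeholder label functions, the use of SHA-256, the `MZ` pre-check, computing the digest once before fan-out, and the in-process `deque` standing in for a message broker are all assumptions of this sketch.

```python
import hashlib
from collections import deque

def digest_signature(pe_bytes):
    # Assumption: SHA-256; the page says only "information digest".
    return hashlib.sha256(pe_bytes).hexdigest()

class LabelingServer:
    """Hypothetical stand-in for a labeling server: one label per signature."""
    def __init__(self, label_fn):
        self.label_fn = label_fn
        self.received = []   # signatures in arrival order
        self.labels = {}     # signature -> label

    def submit(self, signature, pe_bytes):
        self.received.append(signature)
        self.labels[signature] = self.label_fn(pe_bytes)

def dispatch(submissions, benchmark, deep):
    """Queue submissions, then send each one to both servers in FIFO order."""
    queue = deque()
    rejected = 0
    for blob in submissions:
        if blob[:2] == b"MZ":         # PE files start with the DOS "MZ" magic
            queue.append(blob)
        else:
            rejected += 1             # assumption: non-PE input is dropped
    while queue:
        blob = queue.popleft()        # first in, first out
        sig = digest_signature(blob)  # computed once, shared by both servers
        benchmark.submit(sig, blob)
        deep.submit(sig, blob)
    return rejected

def joined_labels(benchmark, deep):
    """Join the two servers' results on the shared digest signature."""
    return {sig: (benchmark.labels[sig], deep.labels[sig])
            for sig in benchmark.received}

# Constructed sample inputs: not real PE files, only the "MZ" magic plus filler.
SAMPLES = [b"MZ" + b"\x90" * 16, b"not a pe", b"MZ" + b"\x00" * 32]

if __name__ == "__main__":
    # Placeholder label functions; real servers would analyse the sample.
    bench = LabelingServer(lambda b: "family-%d" % (len(b) % 3))
    deep = LabelingServer(lambda b: "variant-%d" % len(b))
    print(dispatch(SAMPLES, bench, deep), joined_labels(bench, deep))
```

If the two servers derived their signatures differently, the join in `joined_labels` would fail with a missing key, which is the inconsistency a single shared digest avoids.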


Abstract

The invention discloses a method and a system for realizing malicious code marking. The method comprises the following steps: processing the PE (Portable Executable) file of a malicious code to obtain the information digest signature, benchmark label and texture features of the malicious code; generating, from the texture features belonging to the same malicious code family, a corresponding texture feature set according to the benchmark label and the information digest signature; generating first clusters from the texture feature set; merging the first clusters to generate second clusters; and combining the information digest signature with the malicious code family deep naming to perform deep marking on the second clusters. The malicious code is subjected to both benchmark marking and deep marking; the information digest signature and the malicious code family deep naming are used; the marking method for each malicious code family is standardized; and the accuracy and universality of malicious code marking are improved.

Description

Technical field

[0001] The invention relates to the field of computer security, in particular to a method and system for marking malicious codes based on texture clustering.

Background technique

[0002] With the rapid development of computer technology and Internet applications, information security has become more and more important and has become a research field that attracts much attention. In the face of endless security problems and the explosive growth of malware and its variants, it is necessary to continuously improve detection technology to achieve timely and accurate detection and removal.

[0003] Malicious software is a set of computer instructions. The attacker implants malicious code into the attacked computer through system security holes or other methods, so that the attacked computer performs tasks according to the attacker's wishes, and any computer system information security Both the sequence of c...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56
Inventor: 曲武, 周涛, 毕学尧, 王君鹤
Owner: BEIJING VENUS INFORMATION SECURITY TECH