
Malicious code detection method and system based on opcode fuzzy classification

A malicious code detection technology, applied in the field of platform integrity maintenance, that solves the problem of detection failing when opcode instructions are changed, and achieves the effects of improved feature quality, reduced feature set size, and improved detection efficiency.

Inactive Publication Date: 2016-04-13
HARBIN ANTIY TECH

AI Technical Summary

Problems solved by technology

[0003] The present invention proposes a malicious code detection method and system based on opcode fuzzy classification. It performs fuzzy classification on opcode instructions and matches against the fuzzy-transformed instruction sequences, which solves the prior-art problem that malicious code cannot be detected once its opcode instructions are changed.

Examples


Embodiment Construction

[0022] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the present invention more obvious and easier to understand, the technical solutions of the present invention are described in further detail below in conjunction with the accompanying drawings.

[0023] The present invention proposes a malicious code heuristic detection method and system based on opcode fuzzy classification. By performing fuzzy classification on opcode instructions and matching against the fuzzy-transformed instruction sequences, the present invention solves the prior-art problem that malicious code cannot be detected once its opcode instructions are changed.

[0024] The present invention proposes a malicious code detection method based on opcode fuzzy classification, which is a form of heuristic detection and, as shown in Figure 1, includes:

[0025] S101: Establish a...


Abstract

The invention provides a malicious code detection method and system based on opcode fuzzy classification. In the method, precise opcode instructions undergo fuzzy classification: opcode instructions with the same function are grouped into one class, or instructions with a specific function are grouped into one class. Detection is then performed according to an opcode fuzzy classification rule set, using the converted fuzzy instructions as the detection basis. This achieves effective detection and prevents malicious code from evading detection by substituting opcode instructions that have the same function. At the same time, because instructions with the same function are grouped into one class, the size of the feature set is reduced, the feature quality is improved, and the detection efficiency is improved.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a malicious code detection method and system based on opcode fuzzy classification.

Background technique

[0002] Traditional opcode-based malicious code detection methods are basically precise detection. The general method is to extract opcode sequences that are common in malicious code as features, and to detect malicious code that matches those features. Today's anti-virus work is a process of confrontation. It is well known that the same function can be completed by more than one opcode instruction, and for some functions there are several or even more than a dozen instructions that complete the same function. The traditional method extracts the precise opcode instruction sequence. Once an instruction is replaced by another instruction with the same function, the code can no longer be detected, so the traditional method has difficulty resisting this kind of instruction transformation.

Contents of the invention

[0003] The present i...
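The substitution problem from the background section and the class-based matching from the abstract, as an added example that is not taken from the patent. The class table, the signatures and the disassembly listing are all constructed assumptions; the patent text on this page does not give its rule set.

```python
# Added illustration: class table, signatures and samples are constructed
# for this example and are not taken from the patent.
OPCODE_CLASS = {
    **dict.fromkeys(("mov", "movzx", "movsx", "lea", "xchg"), "MOVE"),
    **dict.fromkeys(("add", "sub", "xor", "or", "and", "inc", "dec"), "ALU"),
    **dict.fromkeys(("cmp", "test"), "COMPARE"),
    **dict.fromkeys(("jz", "je", "jnz", "jne", "jb", "ja"), "JCC"),
    **dict.fromkeys(("push", "pop"), "STACK"),
    "call": "CALL",
}

def mnemonics(listing):
    """Lower-case mnemonic of each non-empty 'mnemonic operands' line."""
    return [ln.split()[0].lower() for ln in listing.splitlines() if ln.strip()]

def fuzzify(ops):
    """Map precise opcodes to their class; unknown opcodes stay precise."""
    return tuple(OPCODE_CLASS.get(op, op) for op in ops)

def contains(seq, pattern):
    """True if pattern occurs as a contiguous run inside seq."""
    seq, pattern, n = tuple(seq), tuple(pattern), len(pattern)
    return n > 0 and any(seq[i:i + n] == pattern for i in range(len(seq) - n + 1))

def exact_detect(ops, signatures):
    return any(contains(ops, sig) for sig in signatures)

def fuzzy_rules(signatures):
    """Collapse precise signatures into the smaller fuzzy rule set."""
    return {fuzzify(sig) for sig in signatures}

def fuzzy_detect(ops, signatures):
    fuzzy_ops = fuzzify(ops)
    return any(contains(fuzzy_ops, rule) for rule in fuzzy_rules(signatures))

SIGNATURES = [("xor", "push", "call", "test", "jz"),
              ("sub", "push", "call", "test", "jz"),
              ("xor", "push", "call", "cmp", "je")]

# Same function as the signatures, but with substituted instructions.
VARIANT = mnemonics("""
    mov  ebx, esi
    and  eax, 0
    push eax
    call sub_401000
    cmp  eax, 0
    je   short loc_skip
""")
BENIGN = mnemonics("mov eax, 1\nadd eax, 2\nret")
```

Here the three precise signatures collapse into one fuzzy rule, and the variant is missed by precise matching but caught after fuzzy conversion. Coarser classes also match more benign code, so class granularity and rule length need to be tuned against clean samples.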


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F21/56
CPC: G06F21/56
Inventor: 童志明, 张栗伟, 沈长伟, 何公道
Owner: HARBIN ANTIY TECH