A malicious document detection method and device

A detection method and document technology, applied in the computer field, to achieve the effect of improving efficiency

Active Publication Date: 2019-09-10
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Embodiments of the present invention provide a malicious document detection method and device for solving the problem that existing malicious document detection methods can only detect specific types of documents

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A malicious document detection method and device
  • A malicious document detection method and device
  • A malicious document detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0049] image 3 is a schematic flowchart of a malicious document detection method according to an embodiment of the present invention. Such as image 3 Shown, the method of this embodiment comprises:

[0050] S31: Establish a machine learning model according to the structural features and metadata features of the documents of each document type...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a malicious file detection method and device. The method comprises the steps that a machine learning model is built according to structural characteristics and metadata characteristics of files of various file types obtained after unified processing; the structural characteristics and metadata characteristics of a file to be detected are obtained; a general structural characteristic model is adopted for representing the structural characteristics of the file to be detected, a general metadata characteristic model is adopted for representing the metadata characteristics of the file to be detected; the file to be detected is detected according to the machine learning model. The file to be detected is subjected to characteristic representation by adopting the general model, the files of different file types can be detected, the machine learning model does not need to be built for each file type, and the file detection efficiency is improved.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a malicious document detection method and device. Background technique [0002] A malicious document is a document in which malicious code is written in a normal document and the malicious code is executed by exploiting a loophole in the document parsing program. Malicious documents can achieve attack behavior because: in order to enrich the display effect of the document and realize the support for various functions, the document supports embedding script code and allows the execution of system calls. Malicious document detection begins with the detection of Office document macro viruses. At present, the detection of Microsoft Office documents (word, ppt, excel, etc.) and pdf documents is the key research content of malicious document detection. [0003] At present, the detection of malicious documents is mainly through: extracting the malicious shellcode code in the documen...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
Inventor 喻民刘超刘云政李敏姜建国
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap