Method and system for detecting malicious file

A malicious-file detection technique, applied in the field of methods and systems for detecting malicious files, to achieve the effect of avoiding remediation and removal.

Inactive Publication Date: 2017-06-27
NUBIA TECHNOLOGY CO LTD

AI Technical Summary

Problems solved by technology

[0004] The main purpose of the present invention is to propose a method and system for detecting malicious files, aiming to solve the problems of signature-based defense.


Embodiment Construction

[0029] It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0030] A mobile terminal implementing various embodiments of the present invention will now be described with reference to the accompanying drawings. In the following description, suffixes such as "module", "part" or "unit" used to denote elements serve only to facilitate the description of the present invention and have no specific meaning by themselves. Therefore, "module" and "component" may be used interchangeably.

[0031] Mobile terminals may be implemented in various forms. For example, terminals described in the present invention may include mobile terminals such as mobile phones, smart phones, notebook computers, digital broadcast receivers, PDAs (Personal Digital Assistants), PADs (Tablet Computers), PMPs (Portable Multimedia Players), navigation devices, etc., and fixed terminals such as digital TVs, desktop ...

Abstract

The invention discloses a method and system for detecting a malicious file. The method comprises the following steps: a binary code of a to-be-detected file is obtained; machine learning is applied to the binary code of the to-be-detected file to obtain a specific chromatogram of the file; the specific chromatogram is matched with a model in a threat model base to obtain a matching value; the matching value is compared with a preset matching threshold, and whether the to-be-detected file is a malicious file is judged according to the comparison result. With this method and system, manual inspection replacement is not needed, behavioral analysis is not needed, and no feature code has to be created manually; most threat infections can be stopped before they intrude on a user and a system, so that time-consuming and labor-consuming remediation and removal are avoided.
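The four steps in the abstract can be sketched as follows. This is an added example, not code from the patent: the abstract does not say how the "specific chromatogram" or the matching value is computed, so a normalized byte histogram, a centroid model, cosine similarity and a threshold of 0.9 are all assumptions, and the sample bytes are constructed.

```python
import math
from collections import Counter

def byte_spectrum(data):
    """Assumed stand-in for the 'specific chromatogram': normalized byte histogram."""
    if not data:
        return [0.0] * 256
    counts = Counter(data)
    return [counts.get(b, 0) / len(data) for b in range(256)]

def cosine(a, b):
    """Assumed matching function: cosine similarity of two spectra."""
    dot = sum(x * y for x, y in zip(a, b))
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return dot / norm if norm else 0.0

def build_model(samples):
    """'Learning' reduced to a centroid: mean spectrum of labelled samples."""
    spectra = [byte_spectrum(s) for s in samples]
    return [sum(col) / len(spectra) for col in zip(*spectra)]

def detect(data, threat_models, threshold=0.9):
    """Return (is_malicious, best_model_name, matching_value)."""
    spectrum = byte_spectrum(data)
    best_name, best = None, 0.0
    for name, model in threat_models.items():
        score = cosine(spectrum, model)
        if score > best:
            best_name, best = name, score
    # Compare the best matching value with the preset threshold (assumed 0.9).
    return best >= threshold, best_name, best

# Constructed sample data (not real malware, not from the patent).
MODELS = {
    "family_a": build_model([bytes(range(256)) * 4,
                             bytes(range(256)) * 8 + b"\x00" * 32]),
    "family_b": build_model([b"\xcc" * 512 + bytes(range(64)) * 2]),
}
VARIANT = bytes(range(256)) * 4 + b"\x90" * 16   # unseen variant of family_a
BENIGN = b"The quarterly report is attached. Please review it by Friday. " * 10

if __name__ == "__main__":
    for label, blob in (("variant", VARIANT), ("benign", BENIGN), ("empty", b"")):
        print(label, detect(blob, MODELS))
```

The variant shares no exact byte string with the training samples yet still exceeds the threshold, which is the property the abstract contrasts with manually created feature codes; the threshold sets the trade-off between missed variants and false positives.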

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a method and system for detecting malicious files.

Background technique

[0002] The so-called signature code is the hexadecimal code, no longer than 64 bytes, that antivirus software extracts from a virus sample and that can uniquely represent the characteristics of the virus. There are three main types: single signature, multiple signature and composite signature. The idea of feature code extraction is: first obtain the length of a virus program, and divide the file into several parts according to the length of the sample (segmentation can largely avoid false virus reports caused by using a single feature code, and can also avoid false positives caused by excessive concentration of signatures), select a signature string of 16B or 32B for each part, discard if the information is general information or all zero byte...


Application Information

IPC(8): G06F21/56
CPC: G06F21/565, G06F21/562
Inventor: 杨文峰
Owner: NUBIA TECHNOLOGY CO LTD