
Threat traceability method and device for malicious software

A malicious-software and event-based technology, applied in the field of platform integrity maintenance and similar areas. It addresses two problems: active defense cannot trace the source of a threat, and existing tracing consumes network resources. Its stated effects are avoiding secondary attacks, reducing network resource use, and high processing efficiency.

Active Publication Date: 2021-04-16
ALIBABA GRP HLDG LTD

AI Technical Summary

Problems solved by technology

[0008] The purpose of this application is to provide a threat source tracing method and device for malicious software that traces threat sources in real time. It addresses two problems: active defense cannot be used to trace the threat source, and tracing the threat source with big data analysis consumes network resources and lags behind the attack.


Embodiment Construction

[0027] Before discussing the exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart describes the operations sequentially, many of them can be performed in parallel, concurrently or simultaneously. In addition, the order of the operations can be rearranged. A process can be terminated when its operations are completed, but it may also have additional steps not included in the drawings. A process can correspond to a method, function, procedure, subroutine, subprogram, and the like.

[0028] In this context, a "node" or "load balancing apparatus" is a computer device, that is, a smart electronic device that can perform predetermined processing such as numerical and/or logic calculation by running a predetermined program or instruction. It can include a processor and a memory; the processor executes instructions pre-stored in the memory to perform a predetermined process, or execute a p...


Abstract

The present application provides a threat source tracing method and device for malicious software. The method comprises the following steps: when an underlying event of the software is detected, creating an association relationship between nodes according to the underlying event, each node corresponding to a process or file of the underlying event; and, when a malicious software process is detected, finding and logging, according to the established association relationships, all dangerous processes and files related to the detected process. Since the association relationship network between nodes is created and updated in real time, the threat source can be quickly traced based on that network. Compared with network tracing methods based on big data analysis, it consumes less network resources or none at all, and its processing efficiency is high.
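A minimal sketch of the association network the abstract describes, added here as an illustration and not taken from the patent or from any Alibaba implementation. The event types, the direction of the edges and every process and file name are assumptions constructed for the example.

```python
from collections import defaultdict, deque

# Constructed sample events: (event type, acting node, affected node).
# Event names and node labels are assumptions made for this example.
EVENTS = [
    ("process_create", "proc:explorer.exe", "proc:browser.exe"),
    ("file_write", "proc:browser.exe", "file:invoice.doc"),
    ("file_open", "file:invoice.doc", "proc:editor.exe"),
    ("process_create", "proc:editor.exe", "proc:script_host.exe"),
    ("file_write", "proc:script_host.exe", "file:payload.exe"),
    ("file_exec", "file:payload.exe", "proc:payload.exe"),
    ("process_create", "proc:explorer.exe", "proc:notepad.exe"),
    ("file_write", "proc:notepad.exe", "file:notes.txt"),
]


class AssociationGraph:
    """Association network between process/file nodes, updated per event."""

    def __init__(self):
        self.children = defaultdict(set)  # cause -> effects
        self.parents = defaultdict(set)   # effect -> causes

    def on_event(self, _event_type, source, target):
        # Each low-level event adds one directed association in real time.
        self.children[source].add(target)
        self.parents[target].add(source)

    def _walk(self, start, edges):
        # Breadth-first walk; the seen set also protects against cycles.
        seen, queue = set(), deque([start])
        while queue:
            for nxt in edges[queue.popleft()] - seen:
                seen.add(nxt)
                queue.append(nxt)
        return seen

    def trace(self, detected):
        """Return (upstream chain, downstream artifacts) of a detected node."""
        return (self._walk(detected, self.parents),
                self._walk(detected, self.children))


def build(events):
    graph = AssociationGraph()
    for event in events:
        graph.on_event(*event)
    return graph
```

Calling `build(EVENTS).trace("proc:script_host.exe")` returns the chain leading back to the entry point and the files and processes the detected process went on to produce, using only locally recorded events. The upstream set also contains ordinary ancestors such as the shell, so what gets logged as dangerous still needs a policy on top.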

Description

Technical field

[0001] The present application relates to software security technology, and in particular to a threat tracing method and device for malware.

Background

[0002] Traditional malware removal tools continuously respond to and analyze malware to update a signature library, then match signatures from that library to deal with new malware. This approach has a certain lag and cannot accurately defend against unknown malware.

[0003] The rise of active defense solves this problem to a certain extent: it analyzes behavior to decide whether a process is malicious and then allows or blocks it. However, well-designed malware often has a complex chain. Active defense generally acts on the last link, so even if the process is blocked or the malicious program is deleted, the entry point (or source) of the attack is not discovered, and a secondary attack remains possible.

[0004] For example, the user double-clicks the browser to ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/56
CPC: G06F21/56
Inventor 姬生利
Owner ALIBABA GRP HLDG LTD