
Automatic malicious code behavior analysis system

An automatic analysis system for malicious code, applied in the field of automatic malicious code behavior analysis, addresses problems such as low efficiency, the high cost of testing programs, and the inability to analyze binary malicious code, and achieves the effect of improving efficiency.

Inactive Publication Date: 2019-06-04
西安玖诚玖谊实业有限公司

AI Technical Summary

Problems solved by technology

However, setting up different environments and testing the program in each of them is expensive and inefficient, and the probability of guessing the correct environment that satisfies the conditions is very small.
Therefore, this method cannot be fully effective in analyzing binary malicious code.

Examples

Embodiment 1

[0033]-[0034] Embodiment 1: see figure 1. The automatic malicious code behavior analysis system includes a full-system simulator, a symbolic execution module, a path analysis module, a path selection module, a malicious behavior analysis module, a control flow analysis module and an effective input set analysis module. Taking symbolic variables as input, the symbolic execution module discovers the branches in the binary malicious code that depend on a symbolic variable and builds a path judgment predicate logic for each branch. The path analysis module analyzes the path judgment predicate logic generated by the symbolic execution module and sorts the branches. If the path judgment predicate logic is satisfiable, the path analysis module returns the set of input instances that satisfy it, generates a new execution path and adds it to the path storage pool. The path selection module sets the...


Abstract

The invention relates to an automatic analysis system for malicious code behaviors. The system comprises a full-system simulator, a symbolic execution module, a path analysis module, a path selection module, a malicious behavior analysis module, a control flow analysis module and an effective input set analysis module. The symbolic execution module finds a branch that depends on a symbolic variable in binary malicious code and then generates path judgment predicate logic. The path analysis module analyzes the path judgment predicate logic, generates a new execution path and adds it to the path storage pool. The path selection module sets priorities for the paths in the path storage pool. The control flow analysis module generates and continuously updates a control flow graph (CFG). The malicious behavior analysis module extracts the malicious behavior characteristics and the structural characteristics implemented by the associated code segment. The effective input set analysis module finds the set of input values that makes the malicious program execute along a specific path. The invention provides an efficient automatic analysis system for malicious code behavior.
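The explore-and-solve loop the abstract describes can be sketched as follows. This is an added example, not code from the patent: the toy program, the input domain, the brute-force search standing in for a constraint solver, and the shallowest-first priority rule are all assumptions made for illustration.

```python
import heapq
from itertools import product

# Constructed input domain for two symbolic variables (assumption for this example).
DOMAIN = {"month": range(1, 13), "admin": (0, 1)}

# Constructed toy program: a node is (label, predicate, true_child, false_child);
# a leaf is a string naming the behavior reached on that path.
PROGRAM = ("month == 6", lambda e: e["month"] == 6,
           ("admin == 1", lambda e: e["admin"] == 1, "trigger_payload", "idle"),
           ("month > 12", lambda e: e["month"] > 12, "dead_code", "benign_exit"))

def solve(path):
    """Path analysis: return every input assignment satisfying the path predicate.
    Brute force over DOMAIN stands in for a constraint solver."""
    names = list(DOMAIN)
    envs = (dict(zip(names, vals)) for vals in product(*DOMAIN.values()))
    return [e for e in envs if all(pred(e) == want for _, pred, want in path)]

def explore(program):
    """Return ({behavior: satisfying inputs}, [unsatisfiable path predicates])."""
    pool = [(0, 0, program, ())]      # path storage pool: (priority, tiebreak, node, path)
    seq, reachable, pruned = 1, {}, []
    while pool:
        depth, _, node, path = heapq.heappop(pool)   # path selection: shallowest first
        if isinstance(node, str):                    # leaf: record its effective input set
            reachable[node] = solve(path)
            continue
        label, pred, on_true, on_false = node
        for want, child in ((True, on_true), (False, on_false)):
            new_path = path + ((label, pred, want),)
            if solve(new_path):                      # satisfiable: enqueue new execution path
                heapq.heappush(pool, (depth + 1, seq, child, new_path))
                seq += 1
            else:                                    # unsatisfiable: branch can never execute
                pruned.append([(l, w) for l, _, w in new_path])
    return reachable, pruned

if __name__ == "__main__":
    reachable, pruned = explore(PROGRAM)
    for behavior, inputs in reachable.items():
        print(behavior, len(inputs), inputs[:2])
    print("pruned:", pruned)
```

The result maps each reachable behavior to the inputs that drive execution down its path, which is the information an analyst would otherwise have to obtain by guessing environments.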

Description

Technical field

[0001] The invention relates to a malicious code behavior analysis system, in particular to an automatic malicious code behavior analysis system.

Background technique

[0002] Malicious code is one of the important factors threatening computer system and network security. Malicious code is a general term for software with malicious behavior that infiltrates or destroys computer systems without the knowledge of users; examples include rootkits, spyware, etc. Malicious code analysis is used to extract the characteristic information of malicious code, which is the basis and premise of malicious code detection and discovery. In recent years, due to the rapid development of malicious code, it has become very necessary to analyze binary malicious code automatically. The analysis results are not only very useful in the design of defense systems, but also help to understand the attacker's attack capabilities.

[0003] Currently, one of the methods of malicious code analysis ...


Application Information

IPC(8): G06F21/56
Inventor 翟路海
Owner 西安玖诚玖谊实业有限公司