Sample detection method and device and computer readable storage medium

A sample and technology to be tested, applied in the field of information security, can solve problems such as high computing resource overhead, and achieve the effect of improving information security

Pending Publication Date: 2022-04-12
HILLSTONE NETWORKS CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Embodiments of the present invention provide a method, device, and computer-readable storage medium for detecting samples, so as to at least solve the technical problem of high computing resource overhead in the prior art when detecting samples to be detected

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Sample detection method and device and computer readable storage medium
  • Sample detection method and device and computer readable storage medium
  • Sample detection method and device and computer readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0031] According to an embodiment of the present invention, an embodiment of a method for detecting samples is provided. It should be noted that the steps shown in the flowcharts of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, and, although A logical order is shown in the flowcharts, but in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0032] In addition, it should be noted that the electronic device can be used as the execution body of the method for detecting samples in this application. Among them, the electronic devices include at least desktop computers, notebook computers, smart phones, smart tablets, smart watches and other devices. In addition, the electronic device as the execution subject also includes a software system running on the electronic device and a running software program.

[0033] figure 1 is a flowchart of a metho...

Embodiment 2

[0077] According to an embodiment of the present invention, an embodiment of a device for detecting a sample is also provided, wherein, Figure 7 is a schematic diagram of a device for detecting samples according to an embodiment of the present invention, such as Figure 7 As shown, the device includes: a first determination module 701 , a reading module 702 , an acquisition module 703 and a second determination module 704 .

[0078] Among them, the first determination module 701 is used to determine the target function corresponding to the sample to be detected, wherein the target function represents a piece of code executed by the operating system when processing the sample to be detected; Read the interface address corresponding to the target function in the stack; the obtaining module 703 is used to obtain the first target data of the preset number of bytes and the second target data of the preset number of bytes according to the interface address, wherein the first target...

Embodiment 3

[0087] According to another aspect of the embodiments of the present invention, a computer-readable storage medium is also provided, and a computer program is stored in the computer-readable storage medium, wherein the computer program is set to perform the detection in the above-mentioned embodiment 1 when running sample method.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a sample detection method and device and a computer readable storage medium. The method comprises the steps that a target function corresponding to a to-be-detected sample is determined, and the target function represents a section of code executed when an operating system processes the to-be-detected sample; reading an interface address corresponding to the target function from a target stack corresponding to the target function; first target data with a preset byte number and second target data with a preset byte number are obtained according to the interface address, the first target data are located before the data corresponding to the interface address, and the second target data are located after the data corresponding to the interface address; and determining whether the to-be-detected sample is an abnormal sample according to the first target data and the second target data. The technical problem that in the prior art, when the to-be-detected sample is detected, the computing resource overhead is large is solved.

Description

technical field [0001] The present invention relates to the field of information security, in particular to a method, device and computer-readable storage medium for detecting samples. Background technique [0002] In the field of information security, a sandbox refers to a tool used to test untrusted files or applications waiting for detection samples in an isolated environment. The sandbox is actually a virtual system program through which operators can run browsers or other programs in the sandbox environment, and the changes produced during the sandbox operation can be deleted after the test . Therefore, the sandbox creates an independent operating environment, and the programs running inside it will not have a permanent impact on the hard disk. [0003] However, in the prior art, when using the sandbox to identify whether there is data that can generate malicious attack behavior in the sample to be detected, the computer needs to obtain all the instructions used in th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/53G06F21/56G06F21/55
Inventor 刘志诚贺志强许勇蒋自立
Owner HILLSTONE NETWORKS CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap