CN100422900C - 一种基于数据流的计算机病毒查杀方法 - Google Patents
一种基于数据流的计算机病毒查杀方法 Download PDFInfo
- Publication number
- CN100422900C CN100422900C CNB2005101013781A CN200510101378A CN100422900C CN 100422900 C CN100422900 C CN 100422900C CN B2005101013781 A CNB2005101013781 A CN B2005101013781A CN 200510101378 A CN200510101378 A CN 200510101378A CN 100422900 C CN100422900 C CN 100422900C
- Authority
- CN
- China
- Prior art keywords
- virus
- killing
- file
- data stream
- characteristic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 241000700605 Viruses Species 0.000 title claims abstract description 151
- 238000000034 method Methods 0.000 title claims abstract description 71
- 239000002574 poison Substances 0.000 claims description 22
- 231100000614 poison Toxicity 0.000 claims description 22
- 230000003612 virological effect Effects 0.000 claims description 13
- GNFTZDOKVXKIBK-UHFFFAOYSA-N 3-(2-methoxyethoxy)benzohydrazide Chemical compound COCCOC1=CC=CC(C(=O)NN)=C1 GNFTZDOKVXKIBK-UHFFFAOYSA-N 0.000 claims description 2
- 238000000605 extraction Methods 0.000 claims 1
- 239000000284 extract Substances 0.000 abstract description 7
- 230000035772 mutation Effects 0.000 description 5
- 241000726445 Viroids Species 0.000 description 3
- 230000000840 anti-viral effect Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 238000012512 characterization method Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 238000004883 computer application Methods 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
Images
Landscapes
- Measuring Or Testing Involving Enzymes Or Micro-Organisms (AREA)
Abstract
Description
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2005101013781A CN100422900C (zh) | 2005-11-17 | 2005-11-17 | 一种基于数据流的计算机病毒查杀方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2005101013781A CN100422900C (zh) | 2005-11-17 | 2005-11-17 | 一种基于数据流的计算机病毒查杀方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1801033A CN1801033A (zh) | 2006-07-12 |
CN100422900C true CN100422900C (zh) | 2008-10-01 |
Family
ID=36811077
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB2005101013781A Active CN100422900C (zh) | 2005-11-17 | 2005-11-17 | 一种基于数据流的计算机病毒查杀方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100422900C (zh) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101373502B (zh) * | 2008-05-12 | 2012-06-20 | 公安部第三研究所 | 基于Win32平台下病毒行为的自动化分析系统 |
CN101599947B (zh) * | 2008-06-06 | 2014-04-23 | 盛趣信息技术(上海)有限公司 | 基于web网页的木马病毒扫描方法 |
CN102073815B (zh) * | 2010-12-27 | 2013-11-20 | 奇瑞汽车股份有限公司 | 一种车载杀毒系统及其杀毒方法 |
CN102945342B (zh) * | 2012-09-29 | 2015-08-05 | 北京奇虎科技有限公司 | 进程识别方法、装置和终端设备 |
CN111191233B (zh) * | 2019-07-31 | 2024-05-24 | 腾讯科技(深圳)有限公司 | 一种宏病毒处理方法、装置和存储介质 |
CN112149115A (zh) * | 2020-08-28 | 2020-12-29 | 杭州安恒信息技术股份有限公司 | 一种病毒库的更新方法、装置、电子装置和存储介质 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6006329A (en) * | 1997-08-11 | 1999-12-21 | Symantec Corporation | Detection of computer viruses spanning multiple data streams |
CN1409222A (zh) * | 2001-09-14 | 2003-04-09 | 北京瑞星科技股份有限公司 | 计算机内存病毒监控和带毒运行方法 |
CN1584857A (zh) * | 2003-08-22 | 2005-02-23 | 童勤业 | 变结构文件防病毒及其软、硬件实现方法 |
-
2005
- 2005-11-17 CN CNB2005101013781A patent/CN100422900C/zh active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6006329A (en) * | 1997-08-11 | 1999-12-21 | Symantec Corporation | Detection of computer viruses spanning multiple data streams |
CN1409222A (zh) * | 2001-09-14 | 2003-04-09 | 北京瑞星科技股份有限公司 | 计算机内存病毒监控和带毒运行方法 |
CN1584857A (zh) * | 2003-08-22 | 2005-02-23 | 童勤业 | 变结构文件防病毒及其软、硬件实现方法 |
Also Published As
Publication number | Publication date |
---|---|
CN1801033A (zh) | 2006-07-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Haq et al. | A survey of binary code similarity | |
Bayer et al. | Scalable, behavior-based malware clustering. | |
Zeng et al. | WATSON: Abstracting Behaviors from Audit Logs via Aggregation of Contextual Semantics. | |
Crussell et al. | Andarwin: Scalable detection of semantically similar android applications | |
CN101924761B (zh) | 一种依据白名单进行恶意程序检测的方法 | |
CN100422900C (zh) | 一种基于数据流的计算机病毒查杀方法 | |
Alrabaee et al. | Oba2: An onion approach to binary code authorship attribution | |
CN101923617B (zh) | 一种基于云的样本数据库动态维护方法 | |
US8955120B2 (en) | Flexible fingerprint for detection of malware | |
Zhang et al. | Libid: reliable identification of obfuscated third-party android libraries | |
Kirat et al. | Sigmal: A static signal processing based malware triage | |
Masud et al. | Cloud-based malware detection for evolving data streams | |
Kholidy et al. | DDSGA: A data-driven semi-global alignment approach for detecting masquerade attacks | |
US20160094564A1 (en) | Taxonomic malware detection and mitigation | |
RU2617654C2 (ru) | Система и способ формирования набора антивирусных записей, используемых для обнаружения вредоносных файлов на компьютере пользователя | |
US10191726B2 (en) | Biosequence-based approach to analyzing binaries | |
Alrabaee et al. | A survey of binary code fingerprinting approaches: taxonomy, methodologies, and features | |
Patrick-Evans et al. | Probabilistic naming of functions in stripped binaries | |
CN103607381A (zh) | 白名单生成及恶意程序检测方法、客户端和服务器 | |
CN103475671A (zh) | 恶意程序检测方法 | |
CN109583201A (zh) | 识别恶意中间语言文件的系统和方法 | |
Eskandari et al. | Frequent sub‐graph mining for intelligent malware detection | |
Mahawer et al. | Metamorphic malware detection using base malware identification approach | |
CN103593614B (zh) | 一种未知病毒检索方法 | |
EP2819054A1 (en) | Flexible fingerprint for detection of malware |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C56 | Change in the name or address of the patentee | ||
CP01 | Change in the name or title of a patent holder |
Address after: Jinshan computer Building No. 8 Jingshan Hill Road, Lane 519015 Lianshan Jida Zhuhai city in Guangdong Province Patentee after: Zhuhai Kingsoft Software Co.,Ltd. Address before: Jinshan computer Building No. 8 Jingshan Hill Road, Lane 519015 Lianshan Jida Zhuhai city in Guangdong Province Patentee before: Zhuhai Kingsoft Software Co.,Ltd. |
|
ASS | Succession or assignment of patent right |
Owner name: ZHUHAI JUNTIAN ELECTRONICS TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: ZHUHAI KINGSOFT SOFTWARE CO., LTD. Effective date: 20110426 |
|
C41 | Transfer of patent application or patent right or utility model | ||
COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 519015 KINGSOFT COMPUTER BUILDING, NO. 8, LIANSHAN LANE, JINGSHAN ROAD, JIDA, ZHUHAI CITY, GUANGDONG PROVINCE TO: 519015 KINGSOFT COMPUTER BUILDING, NO. 8, LIANSHAN LANE, JINGSHAN ROAD, JIDA, ZHUHAI, GUANGDONG |
|
TR01 | Transfer of patent right |
Effective date of registration: 20110426 Address after: 519015 Guangdong Zhuhai, Jingshan Hill Road, Lane 8, Jinshan building computer Lianshan Patentee after: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. Address before: Jinshan computer Building No. 8 Jingshan Hill Road, Lane 519015 Lianshan Jida Zhuhai city in Guangdong Province Patentee before: Zhuhai Kingsoft Software Co.,Ltd. |
|
ASS | Succession or assignment of patent right |
Owner name: BEIKE INTERNET (BEIJING) SECURITY TECHNOLOGY CO., Free format text: FORMER OWNER: ZHUHAI JUNTIAN ELECTRONICS TECHNOLOGY CO., LTD. Effective date: 20140704 Owner name: BEIJING GOLDEN HILL NETWORK TECHNOLOGY CO., LTD. K Effective date: 20140704 |
|
C41 | Transfer of patent application or patent right or utility model | ||
COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 519015 ZHUHAI, GUANGDONG PROVINCE TO: 100041 SHIJINGSHAN, BEIJING |
|
TR01 | Transfer of patent right |
Effective date of registration: 20140704 Address after: 100041 Beijing, Shijingshan District Xing Xing street, building 30, No. 3, building 2, A-0071 Patentee after: SHELL INTERNET (BEIJING) SECURITY TECHNOLOGY Co.,Ltd. Patentee after: BEIJING KINGSOFT NETWORK TECHNOLOGY Co.,Ltd. Patentee after: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee after: CONEW NETWORK TECHNOLOGY (BEIJING) Co.,Ltd. Patentee after: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. Address before: Jinshan computer Building No. 8 Jingshan Hill Road, Lane 519015 Lianshan Jida Zhuhai city in Guangdong Province Patentee before: Zhuhai Juntian Electronic Technology Co.,Ltd. |
|
CP01 | Change in the name or title of a patent holder |
Address after: 100041 A-0071, 2nd floor, No. 3 Courtyard, 30 Shixing Street, Shijingshan District, Beijing Co-patentee after: Beijing Cheetah Network Technology Co.,Ltd. Patentee after: Beijing Cheetah Mobile Technology Co.,Ltd. Co-patentee after: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Co-patentee after: CONEW NETWORK TECHNOLOGY (BEIJING) Co.,Ltd. Co-patentee after: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. Address before: 100041 A-0071, 2nd floor, No. 3 Courtyard, 30 Shixing Street, Shijingshan District, Beijing Co-patentee before: BEIJING KINGSOFT NETWORK TECHNOLOGY Co.,Ltd. Patentee before: SHELL INTERNET (BEIJING) SECURITY TECHNOLOGY Co.,Ltd. Co-patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Co-patentee before: CONEW NETWORK TECHNOLOGY (BEIJING) Co.,Ltd. Co-patentee before: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. |
|
CP01 | Change in the name or title of a patent holder | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20181226 Address after: 519031 Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province Patentee after: Zhuhai Leopard Technology Co.,Ltd. Address before: 100041 A-0071, 2nd floor, No. 3 Courtyard, 30 Shixing Street, Shijingshan District, Beijing Co-patentee before: Beijing Cheetah Network Technology Co.,Ltd. Patentee before: Beijing Cheetah Mobile Technology Co.,Ltd. Co-patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Co-patentee before: CONEW NETWORK TECHNOLOGY (BEIJING) Co.,Ltd. Co-patentee before: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. |