CN102024113B - Method and system for quickly detecting malicious code - Google Patents
Method and system for quickly detecting malicious code
- Publication number
- CN102024113B
- Authority
- CN
- China
- Prior art keywords
- file
- behavior pattern
- check point
- module
- apocrypha
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Stored Programmes (AREA)
Claims (24)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010106004648A CN102024113B (zh) | 2010-12-22 | 2010-12-22 | Method and system for quickly detecting malicious code |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010106004648A CN102024113B (zh) | 2010-12-22 | 2010-12-22 | Method and system for quickly detecting malicious code |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102024113A (zh) | 2011-04-20 |
CN102024113B (zh) | 2012-08-01 |
Family
ID=43865399
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2010106004648A Active CN102024113B (zh) | Method and system for quickly detecting malicious code | 2010-12-22 | 2010-12-22 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102024113B (zh) |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102915421B (zh) * | 2011-08-04 | 2013-10-23 | 腾讯科技(深圳)有限公司 | File scanning method and system |
US20150020203A1 (en) * | 2011-09-19 | 2015-01-15 | Beijing Qihoo Technology Company Limited | Method and device for processing computer viruses |
CN102663284A (zh) * | 2012-03-21 | 2012-09-12 | 南京邮电大学 | A cloud-computing-based malicious code identification method |
CN102664884A (zh) * | 2012-04-18 | 2012-09-12 | 南京邮电大学 | A cloud-computing-based malicious code identification method |
CN103377341A (zh) * | 2012-04-28 | 2013-10-30 | 北京网秦天下科技有限公司 | A security detection method and system |
CN102833240B (zh) * | 2012-08-17 | 2016-02-03 | 中国科学院信息工程研究所 | A malicious code capture method and system |
CN102945350B (zh) * | 2012-10-24 | 2016-01-20 | 珠海市君天电子科技有限公司 | A remote antivirus method |
CN103034809B (zh) * | 2012-12-14 | 2015-06-10 | 北京奇虎科技有限公司 | A method and device for immunizing against file macro viruses |
CN103632099B (zh) * | 2013-09-29 | 2016-08-17 | 广州华多网络科技有限公司 | Method and device for obtaining unexported Native API functions |
CN103593613A (zh) * | 2013-11-26 | 2014-02-19 | 北京网秦天下科技有限公司 | Method, terminal, server and system for computer virus detection |
CN105635139B (zh) * | 2015-12-31 | 2019-04-05 | 深圳市安之天信息技术有限公司 | A method and system for secure document operation and analysis resistant to overflow attacks |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101329711A (zh) * | 2008-07-24 | 2008-12-24 | 成都市华为赛门铁克科技有限公司 | A computer file detection method and device |
CN101795267A (zh) * | 2009-12-30 | 2010-08-04 | 成都市华为赛门铁克科技有限公司 | Virus detection method, device and gateway equipment |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080134333A1 (en) * | 2006-12-04 | 2008-06-05 | Messagelabs Limited | Detecting exploits in electronic objects |
2010
- 2010-12-22 CN CN2010106004648A patent/CN102024113B/zh active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101329711A (zh) * | 2008-07-24 | 2008-12-24 | 成都市华为赛门铁克科技有限公司 | A computer file detection method and device |
CN101795267A (zh) * | 2009-12-30 | 2010-08-04 | 成都市华为赛门铁克科技有限公司 | Virus detection method, device and gateway equipment |
Also Published As
Publication number | Publication date |
---|---|
CN102024113A (zh) | 2011-04-20 |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
CN102024113B (zh) | Method and system for quickly detecting malicious code | |
US9547765B2 (en) | Validating a type of a peripheral device | |
US9922193B2 (en) | Identifying an evasive malicious object based on a behavior delta | |
CN102662741B (zh) | Method, device and system for implementing a virtual desktop | |
US9223975B2 (en) | Data identification system | |
CA2761563C (en) | Annotating virtual application processes | |
US8468522B2 (en) | Virtual machine system, system for forcing policy, method for forcing policy, and virtual machine control program | |
CN100481101C (zh) | Method for secure computer startup | |
US20030200427A1 (en) | Extensible device driver | |
KR20100111518A (ko) | Apparatus and method for preventing virus code execution through buffer overflow management | |
US20140259169A1 (en) | Virtual machines | |
US20120079594A1 (en) | Malware auto-analysis system and method using kernel callback mechanism | |
US9411953B1 (en) | Tracking injected threads to remediate malware | |
US8312547B1 (en) | Anti-malware scanning in a portable application virtualized environment | |
US20140317745A1 (en) | Methods and systems for malware detection based on environment-dependent behavior | |
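CN101782954A (zh) | A computer and a method for detecting abnormal processes | |
WO2021174655A1 (zh) | Method, apparatus, device and storage medium for determining the trusted state of a virtual data center | |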
US20200218803A1 (en) | Call stack acquisition device, call stack acquisition method, and call stack acquisition program | |
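CN111435391A (zh) | Method and device for automatically determining interactive GUI elements to be interacted with in a GUI | |
CN104798080A (zh) | Dynamic selection and loading of anti-malware signatures | |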
US8898591B2 (en) | Program removal | |
EP3029564A1 (en) | System and method for providing access to original routines of boot drivers | |
US10372472B2 (en) | System, method, and computer program product for conditionally preventing use of hardware virtualization | |
US10356267B2 (en) | Information processing apparatus, control method, and storage medium | |
CN110851824A (zh) | A detection method for malicious containers | |
Legal Events
Code | Title | Description |
---|---|---|
C06 | Publication | |
PB01 | Publication | |
C10 | Entry into substantive examination | |
SE01 | Entry into force of request for substantive examination | |
C14 | Grant of patent or utility model | |
GR01 | Patent grant | |
C56 | Change in the name or address of the patentee | |
CP02 | Change in the address of a patent holder | Address after: 100190 Zhongguancun Haidian District street, No. 14, layer, 1 1415-16; Patentee after: Beijing Antiy Electronic Installation Co., Ltd.; Address before: 100085, 2B-521, bright city, No. 1, Nongda South Road, Beijing, Haidian District; Patentee before: Beijing Antiy Electronic Installation Co., Ltd. |
CP03 | Change of name, title or address | |
CP03 | Change of name, title or address | Address after: 100190 Beijing city Haidian District minzhuang Road No. 3, Tsinghua Science Park Building 1 Yuquan Huigu a; Patentee after: Beijing ahtech network Safe Technology Ltd; Address before: 100190 Zhongguancun Haidian District street, No. 14, layer, 1 1415-16; Patentee before: Beijing Antiy Electronic Installation Co., Ltd. |
PE01 | Entry into force of the registration of the contract for pledge of patent right | Denomination of invention: Method and system for quickly detecting malicious code; Effective date of registration: 20170821; Granted publication date: 20120801; Pledgee: CITIC Bank Harbin branch; Pledgor: Beijing ahtech network Safe Technology Ltd; Registration number: 2017990000776 |
PE01 | Entry into force of the registration of the contract for pledge of patent right | |
PC01 | Cancellation of the registration of the contract for pledge of patent right | Date of cancellation: 20180817; Granted publication date: 20120801; Pledgee: CITIC Bank Harbin branch; Pledgor: Beijing ahtech network Safe Technology Ltd; Registration number: 2017990000776 |
PC01 | Cancellation of the registration of the contract for pledge of patent right | |
PE01 | Entry into force of the registration of the contract for pledge of patent right | Denomination of invention: Method and system for quickly detecting malicious code; Effective date of registration: 20180817; Granted publication date: 20120801; Pledgee: CITIC Bank Harbin branch; Pledgor: Beijing ahtech network Safe Technology Ltd; Registration number: 2018990000700 |
PE01 | Entry into force of the registration of the contract for pledge of patent right | |
PC01 | Cancellation of the registration of the contract for pledge of patent right | Date of cancellation: 20191021; Granted publication date: 20120801; Pledgee: CITIC Bank Harbin branch; Pledgor: Beijing ahtech network Safe Technology Ltd; Registration number: 2018990000700 |
PC01 | Cancellation of the registration of the contract for pledge of patent right | |