CN102043915B - Method and device for detecting malicious code contained in non-executable file - Google Patents
- Publication number
- CN102043915B
- Authority
- CN
- China
- Prior art keywords
- instruction
- data
- code
- file
- malicious code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Landscapes
- Storage Device Security (AREA)
Claims (4)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010105317170A CN102043915B (zh) | 2010-11-03 | 2010-11-03 | Method and device for detecting malicious code contained in non-executable file |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010105317170A CN102043915B (zh) | 2010-11-03 | 2010-11-03 | Method and device for detecting malicious code contained in non-executable file |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102043915A (zh) | 2011-05-04 |
CN102043915B (zh) | 2013-01-23 |
Family
ID=43910047
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010105317170A Active CN102043915B (zh) | 2010-11-03 | 2010-11-03 | Method and device for detecting malicious code contained in non-executable file |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102043915B (zh) |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
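CN103136473B (zh) * | 2011-11-29 | 2017-07-04 | Yao Jiwei | Method and device for detecting computer viruses |
CN102831215B (zh) * | 2012-08-17 | 2016-06-08 | VeriSilicon Microelectronics (Beijing) Co., Ltd. | Text processing method and device based on embedded meta-language instructions |
CN104009986B (zh) * | 2014-05-22 | 2017-03-15 | The 30th Research Institute of China Electronics Technology Group Corporation | Host-based method and device for detecting network attack stepping stones |
CN104050409B (zh) * | 2014-06-30 | 2016-10-05 | Anyi Hengtong (Beijing) Technology Co., Ltd. | Method and device for identifying bundled software |
GB2539448A (en) * | 2015-06-16 | 2016-12-21 | Nordic Semiconductor Asa | Hardware peripheral decoders |
CN106919811B (zh) * | 2015-12-24 | 2020-08-18 | Alibaba Group Holding Ltd. | File detection method and device |
CN107368740B (zh) * | 2016-05-12 | 2020-10-27 | Institute of Software, Chinese Academy of Sciences | Method and system for detecting executable code in data files |
CN106250767A (zh) * | 2016-08-16 | 2016-12-21 | Beijing Lanyun Technology Co., Ltd. | Data detection method and device |
CN110866252A (zh) * | 2018-12-21 | 2020-03-06 | Beijing Antiy Network Security Technology Co., Ltd. | Malicious code detection method, device, electronic equipment and storage medium |
CN111444509B (zh) * | 2018-12-27 | 2024-05-14 | Beijing Qihoo Technology Co., Ltd. | Virtual-machine-based CPU vulnerability detection method and system |
CN110837372B (zh) * | 2019-11-04 | 2021-01-26 | Guiyang Dongshiyun Technology Co., Ltd. | Method, device, medium and equipment for deobfuscating assembly code |
CN113360902B (zh) * | 2020-03-05 | 2024-02-20 | Qi An Xin Technology Group Inc. | Shellcode detection method, device, computer equipment and computer storage medium |
CN115086068B (zh) * | 2022-07-19 | 2022-11-08 | University of Electronic Science and Technology of China | Network intrusion detection method and device |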
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
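CN1648812A (zh) * | 2004-01-30 | 2005-08-03 | Microsoft Corporation | Detection of code-free files |
CN101714931A (zh) * | 2009-11-26 | 2010-05-26 | Chengdu Huawei Symantec Technologies Co., Ltd. | Early-warning method, device and system for unknown malicious code |
CN101826139A (zh) * | 2009-12-30 | 2010-09-08 | Xiamen Meiya Pico Information Co., Ltd. | Method and device for detecting trojan embedding in non-executable files |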
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
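CN1648812A (zh) * | 2004-01-30 | 2005-08-03 | Microsoft Corporation | Detection of code-free files |
CN101714931A (zh) * | 2009-11-26 | 2010-05-26 | Chengdu Huawei Symantec Technologies Co., Ltd. | Early-warning method, device and system for unknown malicious code |
CN101826139A (zh) * | 2009-12-30 | 2010-09-08 | Xiamen Meiya Pico Information Co., Ltd. | Method and device for detecting trojan embedding in non-executable files |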
Also Published As
Publication number | Publication date |
---|---|
CN102043915A (zh) | 2011-05-04 |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
CN102043915B (zh) | Method and device for detecting malicious code contained in non-executable file | |
CN109002721B (zh) | Method for mining and analyzing information security vulnerabilities | |
Hou et al. | Deep4maldroid: A deep learning framework for android malware detection based on linux kernel system call graphs | |
Abera et al. | C-FLAT: control-flow attestation for embedded systems software | |
US8117660B2 (en) | Secure control flows by monitoring control transfers | |
Carmony et al. | Extract Me If You Can: Abusing PDF Parsers in Malware Detectors. | |
Canfora et al. | Leila: formal tool for identifying mobile malicious behaviour | |
Bonfante et al. | Codisasm: Medium scale concatic disassembly of self-modifying binaries with overlapping instructions | |
Gao et al. | On gray-box program tracking for anomaly detection | |
Lu et al. | Chex: statically vetting android apps for component hijacking vulnerabilities | |
US10055585B2 (en) | Hardware and software execution profiling | |
US10986103B2 (en) | Signal tokens indicative of malware | |
Huang et al. | Software crash analysis for automatic exploit generation on binary programs | |
Tang et al. | A novel hybrid method to analyze security vulnerabilities in android applications | |
Jhi et al. | Program characterization using runtime values and its application to software plagiarism detection | |
US7607122B2 (en) | Post build process to record stack and call tree information | |
CA2674327C (en) | Exploit nonspecific host intrusion prevention/detection methods and systems and smart filters therefor | |
CN102012988A (zh) | Automatic binary malicious code behavior analysis method | |
CN115098858A (zh) | Malware detection method and device | |
Piromsopa et al. | Survey of protections from buffer-overflow attacks | |
Yin et al. | Automatic malware analysis: an emulator based approach | |
Zeng et al. | Tailored application-specific system call tables | |
CN116932381A (zh) | Automated security risk assessment method for mini programs and related equipment | |
Fasano et al. | Spyware Detection using Temporal Logic. | |
Ibrahim et al. | StIns4CS: A State Inspection Tool for C# | |
Legal Events
Code | Title | Description |
---|---|---|
C06 | Publication | |
PB01 | Publication | |
C10 | Entry into substantive examination | |
SE01 | Entry into force of request for substantive examination | |
C14 | Grant of patent or utility model | |
GR01 | Patent grant | |
EE01 | Entry into force of recordation of patent licensing contract | Application publication date: 20110504; Assignee: Xiamen Information Security Research Institute Co., Ltd.; Assignor: Xiamen Meiya Pico Information Co., Ltd.; Contract record no.: 2014350000079; Denomination of invention: Method and device for detecting malicious code contained in non-executable file; Granted publication date: 20130123; License type: Exclusive License; Record date: 20140710 |
LICC | Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model | |
TR01 | Transfer of patent right | Effective date of registration: 20170401; Address after: View of the road Xiamen city Fujian province 361000 Software Park No. 14; Patentee after: Xiamen Information Security Research Institute Co., Ltd.; Address before: AIU Cupressaceae No. 12 building, 361000 Fujian province Xiamen software park two sunrise Road; Patentee before: Xiamen Meiya Pico Information Co., Ltd. |