CN103955644A - 一种基于终端自启动项的静态木马检测方法 - Google Patents
一种基于终端自启动项的静态木马检测方法 Download PDFInfo
- Publication number
- CN103955644A CN103955644A CN201410171414.0A CN201410171414A CN103955644A CN 103955644 A CN103955644 A CN 103955644A CN 201410171414 A CN201410171414 A CN 201410171414A CN 103955644 A CN103955644 A CN 103955644A
- Authority
- CN
- China
- Prior art keywords
- record
- file
- startup item
- static
- trojan horse
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410171414.0A CN103955644B (zh) | 2014-04-25 | 2014-04-25 | 一种基于终端自启动项的静态木马检测方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410171414.0A CN103955644B (zh) | 2014-04-25 | 2014-04-25 | 一种基于终端自启动项的静态木马检测方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103955644A true CN103955644A (zh) | 2014-07-30 |
CN103955644B CN103955644B (zh) | 2017-06-06 |
Family
ID=51332919
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410171414.0A Active CN103955644B (zh) | 2014-04-25 | 2014-04-25 | 一种基于终端自启动项的静态木马检测方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103955644B (zh) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104462972A (zh) * | 2014-12-19 | 2015-03-25 | 浪潮电子信息产业股份有限公司 | 一种木马查杀工具 |
CN104503807A (zh) * | 2014-12-31 | 2015-04-08 | 北京奇虎科技有限公司 | 启动项的管理方法及装置 |
CN105590053A (zh) * | 2015-12-18 | 2016-05-18 | 北京奇虎科技有限公司 | 启动项未知风险的检测方法及装置 |
CN109241734A (zh) * | 2018-08-10 | 2019-01-18 | 航天信息股份有限公司 | 一种防护软件运行效率优化方法及系统 |
CN109254805A (zh) * | 2018-09-21 | 2019-01-22 | 武汉斗鱼网络科技有限公司 | 一种应用自启动方法、终端装置及可读存储介质 |
CN110012030A (zh) * | 2019-04-23 | 2019-07-12 | 北京微步在线科技有限公司 | 一种关联检测黑客的方法及装置 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN201477598U (zh) * | 2009-09-01 | 2010-05-19 | 北京鼎普科技股份有限公司 | 终端木马监测装置 |
CN103019778A (zh) * | 2012-11-30 | 2013-04-03 | 北京奇虎科技有限公司 | 开机启动项的清理方法和装置 |
US20130091571A1 (en) * | 2011-05-13 | 2013-04-11 | Lixin Lu | Systems and methods of processing data associated with detection and/or handling of malware |
-
2014
- 2014-04-25 CN CN201410171414.0A patent/CN103955644B/zh active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN201477598U (zh) * | 2009-09-01 | 2010-05-19 | 北京鼎普科技股份有限公司 | 终端木马监测装置 |
US20130091571A1 (en) * | 2011-05-13 | 2013-04-11 | Lixin Lu | Systems and methods of processing data associated with detection and/or handling of malware |
CN103019778A (zh) * | 2012-11-30 | 2013-04-03 | 北京奇虎科技有限公司 | 开机启动项的清理方法和装置 |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104462972A (zh) * | 2014-12-19 | 2015-03-25 | 浪潮电子信息产业股份有限公司 | 一种木马查杀工具 |
CN104503807A (zh) * | 2014-12-31 | 2015-04-08 | 北京奇虎科技有限公司 | 启动项的管理方法及装置 |
CN104503807B (zh) * | 2014-12-31 | 2018-05-25 | 北京奇虎科技有限公司 | 启动项的管理方法及装置 |
CN105590053A (zh) * | 2015-12-18 | 2016-05-18 | 北京奇虎科技有限公司 | 启动项未知风险的检测方法及装置 |
CN105590053B (zh) * | 2015-12-18 | 2018-11-09 | 北京奇虎科技有限公司 | 启动项未知风险的检测方法及装置 |
CN109241734A (zh) * | 2018-08-10 | 2019-01-18 | 航天信息股份有限公司 | 一种防护软件运行效率优化方法及系统 |
CN109254805A (zh) * | 2018-09-21 | 2019-01-22 | 武汉斗鱼网络科技有限公司 | 一种应用自启动方法、终端装置及可读存储介质 |
CN110012030A (zh) * | 2019-04-23 | 2019-07-12 | 北京微步在线科技有限公司 | 一种关联检测黑客的方法及装置 |
Also Published As
Publication number | Publication date |
---|---|
CN103955644B (zh) | 2017-06-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103955644A (zh) | 一种基于终端自启动项的静态木马检测方法 | |
US11030311B1 (en) | Detecting and protecting against computing breaches based on lateral movement of a computer file within an enterprise | |
Lin et al. | Identifying android malicious repackaged applications by thread-grained system call sequences | |
CN103150511B (zh) | 一种安全防护系统 | |
EP3068095A2 (en) | Monitoring apparatus and method | |
Shabtai et al. | F-sign: Automatic, function-based signature generation for malware | |
KR101851233B1 (ko) | 파일 내 포함된 악성 위협 탐지 장치 및 방법, 그 기록매체 | |
CN103607413B (zh) | 一种网站后门程序检测的方法及装置 | |
KR100992434B1 (ko) | 확장자를 위장한 파일을 탐지하는 방법 및 그 장치 | |
TW201629832A (zh) | 一種識別病毒變種的方法及裝置 | |
CN105046152B (zh) | 基于函数调用图指纹的恶意软件检测方法 | |
CN107016298B (zh) | 一种网页篡改监测方法及装置 | |
CN111723371B (zh) | 构建恶意文件的检测模型以及检测恶意文件的方法 | |
US9992216B2 (en) | Identifying malicious executables by analyzing proxy logs | |
CN104598820A (zh) | 一种基于特征行为分析的木马病检测方法 | |
US20170262632A1 (en) | Secure document importation via portable media | |
CN110135162A (zh) | Webshell后门识别方法、装置、设备及存储介质 | |
WO2020134311A1 (zh) | 一种恶意软件检测方法和装置 | |
CN107800686A (zh) | 一种钓鱼网站识别方法和装置 | |
WO2017197942A1 (zh) | 病毒库的获取方法及装置、设备、服务器、系统 | |
US9959406B2 (en) | System and method for zero-day privilege escalation malware detection | |
CN113901465A (zh) | 一种基于异质网络的Android恶意软件检测方法 | |
CN109756467B (zh) | 一种钓鱼网站的识别方法及装置 | |
CN106375303A (zh) | 攻击防御方法及装置 | |
CN103593614B (zh) | 一种未知病毒检索方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20160511 Address after: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing Applicant after: State Grid Corporation of China Applicant after: China Electric Power Research Institute Applicant after: State Grid Smart Grid Institute Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing Applicant before: State Grid Corporation of China Applicant before: China Electric Power Research Institute |
|
CB02 | Change of applicant information |
Address after: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing Applicant after: State Grid Corporation of China Applicant after: China Electric Power Research Institute Applicant after: GLOBAL ENERGY INTERCONNECTION RESEARCH INSTITUTE Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing Applicant before: State Grid Corporation of China Applicant before: China Electric Power Research Institute Applicant before: State Grid Smart Grid Institute |
|
COR | Change of bibliographic data | ||
GR01 | Patent grant | ||
GR01 | Patent grant |