CN104239800B - Method and device for detecting vulnerability-triggering threats in PDF - Google Patents
Method and device for detecting vulnerability-triggering threats in PDF
- Publication number
- CN104239800B
- Authority
- CN
- China
- Prior art keywords
- string value
- uri
- processor
- cmd
- bat
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
Abstract
Description
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410510251.4A CN104239800B (zh) | 2014-09-28 | 2014-09-28 | Method and device for detecting vulnerability-triggering threats in PDF |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410510251.4A CN104239800B (zh) | 2014-09-28 | 2014-09-28 | Method and device for detecting vulnerability-triggering threats in PDF |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104239800A (zh) | 2014-12-24 |
CN104239800B (zh) | 2017-10-13 |
Family
ID=52227842
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410510251.4A Expired - Fee Related CN104239800B (zh) | Method and device for detecting vulnerability-triggering threats in PDF | 2014-09-28 | 2014-09-28 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104239800B (zh) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109948123B (zh) * | 2018-11-27 | 2023-06-02 | 创新先进技术有限公司 | Image merging method and device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101826139A (zh) * | 2009-12-30 | 2010-09-08 | 厦门市美亚柏科信息股份有限公司 | Method and device for detecting trojans embedded in non-executable files |
CN103310150A (zh) * | 2012-03-13 | 2013-09-18 | 百度在线网络技术(北京)有限公司 | Method and device for detecting PDF vulnerabilities |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8997219B2 (en) * | 2008-11-03 | 2015-03-31 | Fireeye, Inc. | Systems and methods for detecting malicious PDF network content |
US8370934B2 (en) * | 2009-06-25 | 2013-02-05 | Check Point Software Technologies Ltd. | Methods for detecting malicious programs using a multilayered heuristics approach |
- 2014-09-28: CN application CN201410510251.4A, patent CN104239800B (zh), not active, Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101826139A (zh) * | 2009-12-30 | 2010-09-08 | 厦门市美亚柏科信息股份有限公司 | Method and device for detecting trojans embedded in non-executable files |
CN103310150A (zh) * | 2012-03-13 | 2013-09-18 | 百度在线网络技术(北京)有限公司 | Method and device for detecting PDF vulnerabilities |
Also Published As
Publication number | Publication date |
---|---|
CN104239800A (zh) | 2014-12-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108763928B (zh) | Open-source software vulnerability analysis method, device and storage medium | |
US11848913B2 (en) | Pattern-based malicious URL detection | |
CN110233849B (zh) | Method and system for network security situation analysis | |
US10621349B2 (en) | Detection of malware using feature hashing | |
Wang et al. | Jsdc: A hybrid approach for javascript malware detection and classification | |
CN105491053A (zh) | Web malicious code detection method and system | |
CN106407803B (zh) | Method and device for detecting SQL injection vulnerabilities | |
EP3371953B1 (en) | System and methods for detecting domain generation algorithm (dga) malware | |
US11647032B2 (en) | Apparatus and method for classifying attack groups | |
CN106384048A (zh) | Threat information processing method and device | |
EP3566166A1 (en) | Management of security vulnerabilities | |
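KR102362516B1 (ko) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
CN105354494A (zh) | Method and device for detecting web page data tampering | |
CN105306467A (zh) | Method and device for analyzing web page data tampering | |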
Li et al. | Large-scale third-party library detection in android markets | |
US20230252136A1 (en) | Apparatus for processing cyber threat information, method for processing cyber threat information, and medium for storing a program processing cyber threat information | |
CN105468975A (zh) | Method, device and system for tracking malicious code false positives | |
Jaeger et al. | Normalizing security events with a hierarchical knowledge base | |
CN104239800B (zh) | Method and device for detecting vulnerability-triggering threats in PDF | |
US20240054210A1 (en) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
KR102411383B1 (ko) | Cyber threat information processing apparatus, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
EP4386597A1 (en) | Cyber threat information processing device, cyber threat information processing method, and storage medium storing cyber threat information processing program | |
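CN104462966B (zh) | Method and device for detecting vulnerability-triggering threats in PDF | |
CN115310087A (zh) | Website backdoor detection method and system based on abstract syntax tree | |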
Li et al. | LogKernel: A threat hunting approach based on behaviour provenance graph and graph kernel clustering |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder | Address after: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee after: Beijing Qizhi Business Consulting Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
TR01 | Transfer of patent right | Effective date of registration: 20210617 Address after: 100016 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing Patentee after: Beijing Hongteng Intelligent Technology Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Beijing Qizhi Business Consulting Co.,Ltd. |
CP01 | Change in the name or title of a patent holder | Address after: 100016 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing Patentee after: Sanliu0 Digital Security Technology Group Co.,Ltd. Address before: 100016 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing Patentee before: Beijing Hongteng Intelligent Technology Co.,Ltd. |
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20171013 |