CN104252596A - Method and device for monitoring script viruses - Google Patents
- Publication number
- CN104252596A
- Authority
- CN
- China
- Prior art keywords
- script
- function
- action
- shell script
- entrance
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310269085.9A CN104252596B (zh) | 2013-06-28 | 2013-06-28 | Method and device for monitoring script viruses |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310269085.9A CN104252596B (zh) | 2013-06-28 | 2013-06-28 | Method and device for monitoring script viruses |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104252596A (zh) | 2014-12-31 |
CN104252596B (zh) | 2019-01-25 |
Family
ID=52187482
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310269085.9A Active CN104252596B (zh) | Method and device for monitoring script viruses | 2013-06-28 | 2013-06-28 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104252596B (zh) |
-
2013
- 2013-06-28 CN CN201310269085.9A patent/CN104252596B/zh active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
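US20040187010A1 (en) * | 2003-03-18 | 2004-09-23 | Anderson W. Kyle | Automated identification and clean-up of malicious computer code |
CN1983295A (zh) * | 2005-12-12 | 2007-06-20 | Beijing Rising International Software Co., Ltd. | Virus identification method and device |
CN101350049A (zh) * | 2007-07-16 | 2009-01-21 | Zhuhai Kingsoft Software Co., Ltd. | Method, device and network equipment for identifying virus files |
CN101667230A (zh) * | 2008-09-02 | 2010-03-10 | Beijing Rising International Software Co., Ltd. | Method and device for monitoring script execution |
CN101359352A (zh) * | 2008-09-25 | 2009-02-04 | PLA Information Engineering University | Layered cooperative method for discovering obfuscated API call behavior and determining its maliciousness |
CN101587522A (zh) * | 2009-06-17 | 2009-11-25 | Beijing Eastern Micropoint Information Technology Co., Ltd. | Method and system for identifying script viruses |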
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
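CN104537306A (zh) * | 2015-01-13 | 2015-04-22 | Baidu Online Network Technology (Beijing) Co., Ltd. | Method and device for identifying virus files |
CN106897609A (zh) * | 2015-12-17 | 2017-06-27 | Beijing Qihoo Technology Co., Ltd. | Method and device for monitoring dynamically loaded applications |
CN106897609B (zh) * | 2015-12-17 | 2021-03-26 | Beijing Qihoo Technology Co., Ltd. | Method and device for monitoring dynamically loaded applications |
CN106650426A (zh) * | 2016-12-09 | 2017-05-10 | Harbin Antiy Technology Co., Ltd. | Method and system for dynamically extracting the memory image of an executable file |
CN107038375A (zh) * | 2017-03-22 | 2017-08-11 | National Computer Network and Information Security Management Center | Decryption method and system for obtaining an infected host program |
CN108459852A (zh) * | 2018-01-30 | 2018-08-28 | Meitong Yundong (Beijing) Technology Co., Ltd. | Script processing method and device, storage medium, and electronic device |
CN108710798A (zh) * | 2018-05-18 | 2018-10-26 | Huazhong University of Science and Technology | Method for detecting collusion behavior among Android third-party libraries |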
Also Published As
Publication number | Publication date |
---|---|
CN104252596B (zh) | 2019-01-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2020203503B2 (en) | Automated runtime detection of malware | |
CN104252596A (zh) | Method and device for monitoring script viruses | |
Lin et al. | Identifying android malicious repackaged applications by thread-grained system call sequences | |
Caballero et al. | Input generation via decomposition and re-stitching: Finding bugs in malware | |
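JP5087661B2 (ja) | Apparatus, system and method for detecting malicious code disguised and inserted into a normal process | |
CN105683990B (zh) | Method and apparatus for protecting dynamic libraries | |
KR20180120157A (ko) | Dataset extraction-based pattern matching | |
CN110417768B (zh) | Botnet tracking method and device | |
WO2018131199A1 (ja) | Combining device, combining method and combining program | |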
US10412101B2 (en) | Detection device, detection method, and detection program | |
Soliman et al. | Taxonomy of malware analysis in the IoT | |
Cho et al. | Anti-debugging scheme for protecting mobile apps on android platform | |
CN109871681A (zh) | Hybrid-analysis-based method for detecting Android malware that uses dynamic code loading | |
Chen et al. | Semantic-integrated software watermarking with tamper-proofing | |
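KR101557455B1 (ko) | Application code analysis apparatus and code analysis method using the same | |
CN112613000A (zh) | Sensitive information protection method and device, electronic device and readable storage medium | |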
Sun et al. | IPSpex: Enabling efficient fuzzing via specification extraction on ICS protocol | |
Lee et al. | Classification and analysis of security techniques for the user terminal area in the internet banking service | |
Wang et al. | TVIDS: Trusted virtual IDS with SGX | |
A. Mawgoud et al. | A malware obfuscation AI technique to evade antivirus detection in counter forensic domain | |
KR102358101B1 (ko) | Method for applying program security | |
JP6258189B2 (ja) | Identification device, identification method and identification program | |
Zheng et al. | Design of automated security assessment framework for mobile applications | |
Chen et al. | SLAM: A smart analog module layout generator for mixed analog-digital VLSI design | |
CN107608849A (zh) | Method and system for fast identification of encrypted content in Android apps |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder |
Address after: 100041 room 3, 3 West well road, Badachu hi tech park, Shijingshan District, Beijing, 1100A Patentee after: Beijing Cheetah Mobile Technology Co.,Ltd. Patentee after: Beijing Cheetah Network Technology Co.,Ltd. Patentee after: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee after: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. Patentee after: CONEW NETWORK TECHNOLOGY (BEIJING) Co.,Ltd. Address before: 100041 room 3, 3 West well road, Badachu hi tech park, Shijingshan District, Beijing, 1100A Patentee before: SHELL INTERNET (BEIJING) SECURITY TECHNOLOGY Co.,Ltd. Patentee before: BEIJING KINGSOFT NETWORK TECHNOLOGY Co.,Ltd. Patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Patentee before: ZHUHAI JUNTIAN ELECTRONIC TECHNOLOGY Co.,Ltd. Patentee before: CONEW NETWORK TECHNOLOGY (BEIJING) Co.,Ltd. |