CN104462962B - A method for detecting unknown malicious code and binary vulnerabilities - Google Patents
A method for detecting unknown malicious code and binary vulnerabilities
- Publication number
- CN104462962B
- Authority
- CN
- China
- Prior art keywords
- code
- malicious code
- program
- sandbox
- detection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
Claims (3)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310415916.9A CN104462962B (zh) | 2013-09-13 | 2013-09-13 | A method for detecting unknown malicious code and binary vulnerabilities |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310415916.9A CN104462962B (zh) | 2013-09-13 | 2013-09-13 | A method for detecting unknown malicious code and binary vulnerabilities |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104462962A (zh) | 2015-03-25 |
CN104462962B (zh) | 2018-07-03 |
Family
ID=52908987
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310415916.9A Active CN104462962B (zh) | A method for detecting unknown malicious code and binary vulnerabilities | 2013-09-13 | 2013-09-13 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104462962B (zh) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9317694B2 (en) | 2013-12-03 | 2016-04-19 | Microsoft Technology Licensing, Llc | Directed execution of dynamic programs in isolated environments |
US10162617B2 (en) * | 2015-04-10 | 2018-12-25 | Google Llc | Binary translation into native client |
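CN105590058B (zh) * | 2015-12-18 | 2019-04-26 | Beijing Qihoo Technology Co., Ltd. | Method and device for detecting virtual machine escape |
CN108319850B (zh) * | 2017-01-16 | 2020-12-15 | Huawei Technologies Co., Ltd. | Sandbox detection method, sandbox system and sandbox device |
CN107172035A (zh) * | 2017-05-11 | 2017-09-15 | Beijing AISEC Created Technology Co., Ltd. | Method and device for detecting network attack information |
CN108334773A (zh) * | 2017-09-11 | 2018-07-27 | Beijing Antiy Network Security Technology Co., Ltd. | Method and device for executing different branches of file detection behavior |
CN108875361A (zh) * | 2017-12-28 | 2018-11-23 | Beijing Antiy Network Security Technology Co., Ltd. | Method, device, electronic equipment and storage medium for monitoring a program |
CN110502892A (zh) * | 2019-07-09 | 2019-11-26 | Chengdu Asiainfo Network Security Industry Technology Research Institute Co., Ltd. | Method, device and system for determining an abnormal test process |
CN113672917A (zh) * | 2021-08-04 | 2021-11-19 | Antiy Technology Group Co., Ltd. | Malicious code detection method, device, storage medium and electronic equipment |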
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
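CN101154258A (zh) * | 2007-08-14 | 2008-04-02 | University of Electronic Science and Technology of China | System and method for automated analysis of dynamic behavior of malicious programs |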
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7886272B1 (en) * | 2006-03-16 | 2011-02-08 | Avaya Inc. | Prioritize code for testing to improve code coverage of complex software |
US9171157B2 (en) * | 2006-03-28 | 2015-10-27 | Blue Coat Systems, Inc. | Method and system for tracking access to application data and preventing data exploitation by malicious programs |
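CN100571276C (zh) * | 2006-09-28 | 2009-12-16 | Beijing Institute of Technology | A web page Trojan detection method based on behavioral features |
CN102254111B (zh) * | 2010-05-17 | 2015-09-30 | Beijing Knownsec Information Technology Co., Ltd. | Malicious website detection method and device |
CN102012988B (zh) * | 2010-12-02 | 2012-09-26 | Zhang Ping | Automatic binary malicious code behavior analysis method |
CN102339371B (zh) * | 2011-09-14 | 2013-12-25 | Qizhi Software (Beijing) Co., Ltd. | Method, device and virtual machine for detecting malicious programs |
CN102693396B (zh) * | 2012-06-11 | 2014-09-17 | Central South University | A Flash vulnerability detection method based on virtual execution mode |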
Non-Patent Citations (1)
Title |
---|
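"Research and Implementation of a Malicious Program Detection System Based on Virtual Execution Technology"; Zhang Yongchao; China Master's Theses Full-text Database, Information Science and Technology; 20120715 (No. 7); p. 11, Section 2.1.2, paragraph 1; p. 12, paragraph 2, lines 1-2; p. 13, Section 2.2, paragraph 1; p. 14, Section 2.2.2, paragraph 1 through p. 16, paragraph 1; p. 29, Section 4.1.1, paragraph 1; p. 33, Section 4.1.2, paragraph 3; Figure 2.3 * |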
Also Published As
Publication number | Publication date |
---|---|
CN104462962A (zh) | 2015-03-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104462962B (zh) | A method for detecting unknown malicious code and binary vulnerabilities | |
Carmony et al. | Extract Me If You Can: Abusing PDF Parsers in Malware Detectors. | |
CN106055980B (zh) | A rule-based JavaScript security detection method | |
CN107004088B (zh) | Determination device, determination method and recording medium | |
EA037617B1 (ru) | Method and system for detecting unauthorized intrusion into data traffic in a data transmission network | |
US10657257B2 (en) | Feature vector aggregation for malware detection | |
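CN106611122A (zh) | Offline detection system for unknown malicious programs based on virtual execution | |
WO2017152877A1 (zh) | Network threat event assessment method and device | |
CN103294951B (zh) | Method and system for extracting malicious code samples based on document-type vulnerabilities | |
CN109255240B (zh) | Vulnerability handling method and device | |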
Alarifi et al. | Anomaly detection for ephemeral cloud IaaS virtual machines | |
CN113158197B (zh) | SQL injection vulnerability detection method and system based on active IAST | |
US10412101B2 (en) | Detection device, detection method, and detection program | |
Aguayo Gonzalez et al. | Detecting malicious software execution in programmable logic controllers using power fingerprinting | |
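CN104598820A (zh) | A Trojan virus detection method based on characteristic behavior analysis | |
CN108595953B (zh) | Method for risk assessment of mobile phone applications | |
CN109597675A (zh) | Virtual machine malware behavior detection method and system | |
CN116346456A (zh) | Method and device for training a business logic vulnerability attack detection model | |
CN114024761B (zh) | Network threat data detection method, device, storage medium and electronic equipment | |
CN105488414A (zh) | Method and system for preventing malicious code from detecting a virtual environment | |
CN106709335B (zh) | Vulnerability detection method and device | |
CN110210216B (zh) | Virus detection method and related device | |
CN111291377A (zh) | Method and system for detecting application vulnerabilities | |
CN107222332A (zh) | Test method, device, system and machine-readable storage medium | |
CN108509796B (zh) | Risk detection method and server |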
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
Denomination of invention: A method of detecting binary vulnerabilities and unknown code; Effective date of registration: 20201204; Granted publication date: 20180703; Pledgee: Beijing ustron Tongsheng financing Company limited by guarantee; Pledgor: BEIJING AISEC CREATED TECHNOLOGY Co.,Ltd.; Registration number: Y2020990001420 |
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
Date of cancellation: 20230313; Granted publication date: 20180703; Pledgee: Beijing ustron Tongsheng financing Company limited by guarantee; Pledgor: BEIJING AISEC CREATED TECHNOLOGY CO.,LTD.; Registration number: Y2020990001420 |