CN104615936A - Cloud platform VMM layer behavior monitoring method - Google Patents
Cloud platform VMM layer behavior monitoring method
- Publication number
- CN104615936A
- Authority
- CN
- China
- Prior art keywords
- system call
- matrix
- data records
- sequence
- short data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
Abstract
Description
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510096203.XA CN104615936B (zh) | 2015-03-04 | 2015-03-04 | Cloud platform VMM layer behavior monitoring method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510096203.XA CN104615936B (zh) | 2015-03-04 | 2015-03-04 | Cloud platform VMM layer behavior monitoring method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104615936A (zh) | 2015-05-13 |
CN104615936B (zh) | 2018-03-30 |
Family
ID=53150375
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510096203.XA Active CN104615936B (zh) | Cloud platform VMM layer behavior monitoring method | 2015-03-04 | 2015-03-04 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104615936B (zh) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
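CN105677572A (zh) * | 2016-02-04 | 2016-06-15 | Huazhong University of Science and Technology | Method and system for diagnosing cloud software performance anomalies and errors based on a self-organizing map model |
CN106650446A (zh) * | 2016-12-26 | 2017-05-10 | Beijing University of Posts and Telecommunications | Method and system for identifying malicious program behavior based on system calls |
CN108228434A (zh) * | 2016-12-21 | 2018-06-29 | Institute of Information Engineering, Chinese Academy of Sciences | Kernel source-code-level system call tracing method |
CN110175456A (zh) * | 2019-06-04 | 2019-08-27 | Wangyu Security Technology (Shenzhen) Co., Ltd. | Software behavior sampling method, related device, and software system |
CN110198299A (zh) * | 2019-03-07 | 2019-09-03 | Tencent Technology (Shenzhen) Co., Ltd. | Intrusion detection method and apparatus |
CN110222243A (zh) * | 2019-05-27 | 2019-09-10 | Beijing Xiaomi Mobile Software Co., Ltd. | Method, apparatus, and storage medium for determining abnormal behavior |
CN111159714A (zh) * | 2019-12-23 | 2020-05-15 | Beijing University of Technology | Method and system for runtime trust verification of subjects in access control |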
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120124667A1 (en) * | 2010-11-12 | 2012-05-17 | National Chiao Tung University | Machine-implemented method and system for determining whether a to-be-analyzed software is a known malware or a variant of the known malware |
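CN103744786A (zh) * | 2014-01-16 | 2014-04-23 | Beijing University of Technology | Method for tracing the source of abnormal software behavior based on the software function layer |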
Non-Patent Citations (2)
Title |
---|
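Yang Hui: "Application of non-negative matrix factorization in intrusion detection", China Master's Theses Full-text Database, Engineering Science and Technology series * |
Zhao Xin et al.: "An improved system-call-based intrusion detection algorithm", Data Communication * |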
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
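CN105677572A (zh) * | 2016-02-04 | 2016-06-15 | Huazhong University of Science and Technology | Method and system for diagnosing cloud software performance anomalies and errors based on a self-organizing map model |
CN105677572B (zh) * | 2016-02-04 | 2018-09-04 | Huazhong University of Science and Technology | Method and system for diagnosing cloud software performance anomalies and errors based on a self-organizing map model |
CN108228434A (zh) * | 2016-12-21 | 2018-06-29 | Institute of Information Engineering, Chinese Academy of Sciences | Kernel source-code-level system call tracing method |
CN106650446A (zh) * | 2016-12-26 | 2017-05-10 | Beijing University of Posts and Telecommunications | Method and system for identifying malicious program behavior based on system calls |
CN110198299A (zh) * | 2019-03-07 | 2019-09-03 | Tencent Technology (Shenzhen) Co., Ltd. | Intrusion detection method and apparatus |
CN110198299B (zh) * | 2019-03-07 | 2021-08-17 | Tencent Technology (Shenzhen) Co., Ltd. | Intrusion detection method and apparatus |
CN110222243A (zh) * | 2019-05-27 | 2019-09-10 | Beijing Xiaomi Mobile Software Co., Ltd. | Method, apparatus, and storage medium for determining abnormal behavior |
CN110222243B (zh) * | 2019-05-27 | 2021-08-31 | Beijing Xiaomi Mobile Software Co., Ltd. | Method, apparatus, and storage medium for determining abnormal behavior |
CN110175456A (zh) * | 2019-06-04 | 2019-08-27 | Wangyu Security Technology (Shenzhen) Co., Ltd. | Software behavior sampling method, related device, and software system |
CN111159714A (zh) * | 2019-12-23 | 2020-05-15 | Beijing University of Technology | Method and system for runtime trust verification of subjects in access control |
CN111159714B (zh) * | 2019-12-23 | 2022-03-11 | Beijing University of Technology | Method and system for runtime trust verification of subjects in access control |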
Also Published As
Publication number | Publication date |
---|---|
CN104615936B (zh) | 2018-03-30 |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
CN104615936A (zh) | Cloud platform VMM layer behavior monitoring method | |
Kirat et al. | Malgene: Automatic extraction of malware analysis evasion signature | |
Tian et al. | BVDetector: A program slice-based binary code vulnerability intelligent detection system | |
CN108469984B (zh) | 一种基于虚拟机自省函数级虚拟机内核动态检测系统与方法 | |
Murtaza et al. | A host-based anomaly detection approach by representing system calls as states of kernel modules | |
CN109933984B (zh) | 一种最佳聚类结果筛选方法、装置和电子设备 | |
Ceccato et al. | SOFIA: An automated security oracle for black-box testing of SQL-injection vulnerabilities | |
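CN103679030B (zh) | Malicious code analysis and detection method based on dynamic semantic features | |
CN102682229A (zh) | Malicious code behavior detection method based on virtualization technology | |
CN103036745A (zh) | Neural-network-based anomaly detection system for cloud computing | |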
Zhao et al. | Predicting performance anomalies in software systems at run-time | |
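CN104766015A (zh) | Dynamic detection method for buffer overflow vulnerabilities based on function calls | |
CN114626069A (zh) | Threat modeling method and apparatus | |
CN112688966A (zh) | Webshell detection method, apparatus, medium, and device | |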
Bernardi et al. | A fuzzy-based process mining approach for dynamic malware detection | |
Partenza et al. | Automatic identification of vulnerable code: Investigations with an ast-based neural network | |
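CN113779573B (zh) | Large-scale ransomware analysis method and analysis apparatus based on system provenance graphs | |
CN113468524A (zh) | RASP-based security detection method for machine learning models | |
CN116074092B (zh) | Attack scenario reconstruction system based on a heterogeneous graph attention network | |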
Waly et al. | A complete framework for kernel trace analysis | |
Liu et al. | PF-Miner: A practical paired functions mining method for Android kernel in error paths | |
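CN111190813B (zh) | System and method for extracting network behavior information of Android applications based on automated testing | |
CN108427882A (zh) | Dynamic analysis and detection method for Android software based on behavioral feature extraction | |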
Tian et al. | Plagiarism detection of multi-threaded programs using frequent behavioral pattern mining | |
Xu et al. | Vulnerability Detection of Ethereum Smart Contract Based on SolBERT-BiGRU-Attention Hybrid Neural Model. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB03 | Change of inventor or designer information | Inventors after: He Hui; Guo Junwu; Li Mingzhe; Zhang Weizhe; Liu Chuanyi; Yu Xiangzhan; Ye Lin; Zhang Hongli; Zhan Dongyang; Zhao Shangjie; Dong Ling. Inventors before: He Hui; Yu Xiangzhan; Ye Lin; Zhang Hongli; Zhan Dongyang; Zhao Shangjie; Dong Ling; Guo Junwu; Li Mingzhe. |
CB03 | Change of inventor or designer information | ||
GR01 | Patent grant | ||
GR01 | Patent grant |