CN105488390A - Suspicious file discovery method and system under Linux - Google Patents
Suspicious file discovery method and system under Linux
- Publication number
- CN105488390A
- Authority
- CN
- China
- Prior art keywords
- file
- time
- characteristic
- apocrypha
- files
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Landscapes
- Debugging And Monitoring (AREA)
Abstract
Description
Claims (4)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410761534.6A CN105488390B (zh) | 2014-12-13 | 2014-12-13 | Suspicious file discovery method and system under Linux |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410761534.6A CN105488390B (zh) | 2014-12-13 | 2014-12-13 | Suspicious file discovery method and system under Linux |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105488390A (zh) | 2016-04-13 |
CN105488390B (zh) | 2018-05-25 |
Family
ID=55675364
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410761534.6A Active CN105488390B (zh) | Suspicious file discovery method and system under Linux | 2014-12-13 | 2014-12-13 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105488390B (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
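CN105956468A (zh) * | 2016-04-22 | 2016-09-21 | Institute of Information Engineering, Chinese Academy of Sciences | Android malicious application detection method and system based on dynamic monitoring of file access |
WO2021243716A1 (zh) * | 2020-06-05 | 2021-12-09 | Siemens AG | Suspicious software detection method and apparatus, and computer-readable medium |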
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
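CN102043840A (zh) * | 2010-12-13 | 2011-05-04 | Beijing Antiy Electronic Equipment Co., Ltd. | Method and system for detecting tracking cookie cache files |
CN102194071A (zh) * | 2011-05-20 | 2011-09-21 | Jiaxing Yunge Information Technology Co., Ltd. | Time-domain-based data forensics and cross-analysis method |
CN102404331A (zh) * | 2011-12-01 | 2012-04-04 | Jiangsu Shidewei Network Technology Co., Ltd. | Method for determining whether a website has been maliciously tampered with |
CN102768717A (zh) * | 2012-06-29 | 2012-11-07 | Tencent Technology (Shenzhen) Co., Ltd. | Malicious file detection method and apparatus |
CN102811213A (zh) * | 2011-11-23 | 2012-12-05 | Beijing Antiy Electronic Equipment Co., Ltd. | Malicious code detection system and method based on a fuzzy hash algorithm |
CN102819713A (zh) * | 2012-06-29 | 2012-12-12 | Beijing Qihoo Technology Co., Ltd. | Method and system for detecting the security of pop-up windows |
CN103268449A (zh) * | 2012-12-28 | 2013-08-28 | Wuhan Antiy Information Technology Co., Ltd. | High-speed detection method and system for mobile phone malicious code |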
US20140082732A1 (en) * | 2011-11-09 | 2014-03-20 | Kaprica Security, Inc. | System and Method for Bidirectional Trust Between Downloaded Applications and Mobile Devices Including a Secure Charger and Malware Scanner |
2014
- 2014-12-13 CN CN201410761534.6A patent/CN105488390B/zh active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
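CN102043840A (zh) * | 2010-12-13 | 2011-05-04 | Beijing Antiy Electronic Equipment Co., Ltd. | Method and system for detecting tracking cookie cache files |
CN102194071A (zh) * | 2011-05-20 | 2011-09-21 | Jiaxing Yunge Information Technology Co., Ltd. | Time-domain-based data forensics and cross-analysis method |
US20140082732A1 (en) * | 2011-11-09 | 2014-03-20 | Kaprica Security, Inc. | System and Method for Bidirectional Trust Between Downloaded Applications and Mobile Devices Including a Secure Charger and Malware Scanner |
CN102811213A (zh) * | 2011-11-23 | 2012-12-05 | Beijing Antiy Electronic Equipment Co., Ltd. | Malicious code detection system and method based on a fuzzy hash algorithm |
CN102404331A (zh) * | 2011-12-01 | 2012-04-04 | Jiangsu Shidewei Network Technology Co., Ltd. | Method for determining whether a website has been maliciously tampered with |
CN102768717A (zh) * | 2012-06-29 | 2012-11-07 | Tencent Technology (Shenzhen) Co., Ltd. | Malicious file detection method and apparatus |
CN102819713A (zh) * | 2012-06-29 | 2012-12-12 | Beijing Qihoo Technology Co., Ltd. | Method and system for detecting the security of pop-up windows |
CN103268449A (zh) * | 2012-12-28 | 2013-08-28 | Wuhan Antiy Information Technology Co., Ltd. | High-speed detection method and system for mobile phone malicious code |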
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
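CN105956468A (zh) * | 2016-04-22 | 2016-09-21 | Institute of Information Engineering, Chinese Academy of Sciences | Android malicious application detection method and system based on dynamic monitoring of file access |
CN105956468B (zh) * | 2016-04-22 | 2018-12-28 | Institute of Information Engineering, Chinese Academy of Sciences | Android malicious application detection method and system based on dynamic monitoring of file access |
WO2021243716A1 (zh) * | 2020-06-05 | 2021-12-09 | Siemens AG | Suspicious software detection method and apparatus, and computer-readable medium |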
Also Published As
Publication number | Publication date |
---|---|
CN105488390B (zh) | 2018-05-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Moonsamy et al. | Mining permission patterns for contrasting clean and malicious android applications | |
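CN102592103B (zh) | File security processing method, device and system | |
KR101260028B1 (ko) | Automatic management system for malicious code groups and variants | |
EP2863310B1 (en) | Data processing method and apparatus, and shared storage device | |
Scoccia et al. | An investigation into Android run-time permissions from the end users' perspective | |
US20110276578A1 (en) | Obtaining file system view in block-level data storage systems | |
JP2016053956A (ja) | Web-based malicious code detection system and method | |
Sharma et al. | Mitigation and risk factor analysis of android applications | |
CN101937372A (zh) | Exception handling method and apparatus | |
CN104881483B (zh) | Automatic detection and forensics method for data leakage attacks on the Hadoop platform | |
CN102915376A (zh) | Method and device for detecting abnormal database behavior | |
CN103809854A (zh) | Data processing method and electronic device | |
CN103428212A (zh) | Method for detecting and defending against malicious code | |
CN111538794A (zh) | Data fusion method, apparatus and device | |
WO2016197814A1 (zh) | Junk file identification and management method, identification apparatus, management apparatus and terminal | |
US20170357659A1 (en) | Systems and methods for managing snapshots of a file system volume | |
CN114969819A (zh) | Data asset risk discovery method and apparatus | |
Xu et al. | Manis: Evading malware detection system on graph structure | |
CN104462940A (zh) | Method and apparatus for monitoring computer USB interfaces | |
CN105488390A (zh) | Suspicious file discovery method and system under Linux | |
CN106529281A (zh) | Executable file processing method and apparatus | |
CN104426836A (zh) | Intrusion detection method and apparatus | |
CN103023704A (zh) | Virtual network service device access method and system | |
CN104104666B (zh) | Method and apparatus for detecting cloud service anomalies | |
CN105550573A (zh) | Method and apparatus for intercepting bundled software |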
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | Address after: 150010 Heilongjiang science and technology innovation city, Harbin new and high tech Industrial Development Zone, No. 7 building, innovation and entrepreneurship Plaza, 838; Patentee after: Harbin antiy Technology Group Limited by Share Ltd; Address before: 150090 room 506, Hongqi Street, Nangang District, Harbin Development Zone, Heilongjiang, China, 162; Patentee before: Harbin Antiy Technology Co., Ltd. |
PE01 | Entry into force of the registration of the contract for pledge of patent right | Denomination of invention: Suspicious file discovery method and system under Linux; Effective date of registration: 20190718; Granted publication date: 20180525; Pledgee: Bank of Longjiang, Limited by Share Ltd, Harbin Limin branch; Pledgor: Harbin antiy Technology Group Limited by Share Ltd; Registration number: 2019230000007 |
CP01 | Change in the name or title of a patent holder | Address after: 150010 Heilongjiang science and technology innovation city, Harbin new and high tech Industrial Development Zone, No. 7 building, innovation and entrepreneurship Plaza, 838; Patentee after: Antan Technology Group Co.,Ltd.; Address before: 150010 Heilongjiang science and technology innovation city, Harbin new and high tech Industrial Development Zone, No. 7 building, innovation and entrepreneurship Plaza, 838; Patentee before: Harbin Antian Science and Technology Group Co.,Ltd. |
PC01 | Cancellation of the registration of the contract for pledge of patent right | Date of cancellation: 20211119; Granted publication date: 20180525; Pledgee: Bank of Longjiang Limited by Share Ltd. Harbin Limin branch; Pledgor: Harbin Antian Science and Technology Group Co.,Ltd.; Registration number: 2019230000007 |