CN106446687A - 恶意样本的检测方法及装置 - Google Patents
恶意样本的检测方法及装置 Download PDFInfo
- Publication number
- CN106446687A CN106446687A CN201610900102.8A CN201610900102A CN106446687A CN 106446687 A CN106446687 A CN 106446687A CN 201610900102 A CN201610900102 A CN 201610900102A CN 106446687 A CN106446687 A CN 106446687A
- Authority
- CN
- China
- Prior art keywords
- icon
- sample
- database
- similarity
- default
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 42
- 238000004422 calculation algorithm Methods 0.000 claims description 57
- 238000010586 diagram Methods 0.000 claims description 50
- 238000000034 method Methods 0.000 claims description 29
- 238000004364 calculation method Methods 0.000 claims description 14
- 238000012360 testing method Methods 0.000 claims description 8
- 238000009434 installation Methods 0.000 claims description 5
- 230000000875 corresponding effect Effects 0.000 description 78
- 230000008901 benefit Effects 0.000 description 9
- 238000004458 analytical method Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 4
- 238000000605 extraction Methods 0.000 description 4
- 238000001914 filtration Methods 0.000 description 4
- 230000003068 static effect Effects 0.000 description 4
- 238000004590 computer program Methods 0.000 description 2
- 230000002596 correlated effect Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000012216 screening Methods 0.000 description 2
- 238000011895 specific detection Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000001276 controlling effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000001035 drying Methods 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 238000011524 similarity measure Methods 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/22—Matching criteria, e.g. proximity measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Life Sciences & Earth Sciences (AREA)
- Bioinformatics & Computational Biology (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Evolutionary Computation (AREA)
- Health & Medical Sciences (AREA)
- Evolutionary Biology (AREA)
- Artificial Intelligence (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Computer Vision & Pattern Recognition (AREA)
- User Interface Of Digital Computer (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610900102.8A CN106446687B (zh) | 2016-10-14 | 2016-10-14 | 恶意样本的检测方法及装置 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610900102.8A CN106446687B (zh) | 2016-10-14 | 2016-10-14 | 恶意样本的检测方法及装置 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106446687A true CN106446687A (zh) | 2017-02-22 |
CN106446687B CN106446687B (zh) | 2020-11-03 |
Family
ID=58174494
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610900102.8A Active CN106446687B (zh) | 2016-10-14 | 2016-10-14 | 恶意样本的检测方法及装置 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106446687B (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107895119A (zh) * | 2017-12-28 | 2018-04-10 | 北京奇虎科技有限公司 | 程序安装包检测方法、装置及电子设备 |
CN116992449A (zh) * | 2023-09-27 | 2023-11-03 | 北京安天网络安全技术有限公司 | 一种相似样本文件确定方法及装置、电子设备及存储介质 |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2062161A1 (en) * | 2006-08-25 | 2009-05-27 | Dynamic Representation Systems, Llc., Part I | Methods and systems for generating a symbol identification challenge for an automated agent |
US20090177628A1 (en) * | 2003-06-27 | 2009-07-09 | Hiroyuki Yanagisawa | System, apparatus, and method for providing illegal use research service for image data, and system, apparatus, and method for providing proper use research service for image data |
CN102096781A (zh) * | 2011-01-18 | 2011-06-15 | 南京邮电大学 | 一种基于网页关联性的钓鱼检测方法 |
CN102169533A (zh) * | 2011-05-11 | 2011-08-31 | 华南理工大学 | 一种商用网页恶意篡改检测方法 |
CN103810425A (zh) * | 2012-11-13 | 2014-05-21 | 腾讯科技(深圳)有限公司 | 恶意网址的检测方法及装置 |
CN104134143A (zh) * | 2014-07-15 | 2014-11-05 | 北京奇虎科技有限公司 | 移动支付安全的保护方法、装置及云服务器 |
CN104504335A (zh) * | 2014-12-24 | 2015-04-08 | 中国科学院深圳先进技术研究院 | 基于页面特征和url特征的钓鱼app检测方法及系统 |
WO2016067290A2 (en) * | 2014-10-30 | 2016-05-06 | Ironscales Ltd. | Method and system for mitigating malicious messages attacks |
CN105825084A (zh) * | 2015-01-06 | 2016-08-03 | 阿里巴巴集团控股有限公司 | 用于对具有图像的对象进行匹配检测的方法 |
CN105975852A (zh) * | 2015-12-31 | 2016-09-28 | 武汉安天信息技术有限责任公司 | 一种基于标签传播的样本关联性检测方法及系统 |
-
2016
- 2016-10-14 CN CN201610900102.8A patent/CN106446687B/zh active Active
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090177628A1 (en) * | 2003-06-27 | 2009-07-09 | Hiroyuki Yanagisawa | System, apparatus, and method for providing illegal use research service for image data, and system, apparatus, and method for providing proper use research service for image data |
EP2062161A1 (en) * | 2006-08-25 | 2009-05-27 | Dynamic Representation Systems, Llc., Part I | Methods and systems for generating a symbol identification challenge for an automated agent |
CN102096781A (zh) * | 2011-01-18 | 2011-06-15 | 南京邮电大学 | 一种基于网页关联性的钓鱼检测方法 |
CN102169533A (zh) * | 2011-05-11 | 2011-08-31 | 华南理工大学 | 一种商用网页恶意篡改检测方法 |
CN103810425A (zh) * | 2012-11-13 | 2014-05-21 | 腾讯科技(深圳)有限公司 | 恶意网址的检测方法及装置 |
CN104134143A (zh) * | 2014-07-15 | 2014-11-05 | 北京奇虎科技有限公司 | 移动支付安全的保护方法、装置及云服务器 |
WO2016067290A2 (en) * | 2014-10-30 | 2016-05-06 | Ironscales Ltd. | Method and system for mitigating malicious messages attacks |
CN104504335A (zh) * | 2014-12-24 | 2015-04-08 | 中国科学院深圳先进技术研究院 | 基于页面特征和url特征的钓鱼app检测方法及系统 |
CN105825084A (zh) * | 2015-01-06 | 2016-08-03 | 阿里巴巴集团控股有限公司 | 用于对具有图像的对象进行匹配检测的方法 |
CN105975852A (zh) * | 2015-12-31 | 2016-09-28 | 武汉安天信息技术有限责任公司 | 一种基于标签传播的样本关联性检测方法及系统 |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107895119A (zh) * | 2017-12-28 | 2018-04-10 | 北京奇虎科技有限公司 | 程序安装包检测方法、装置及电子设备 |
CN116992449A (zh) * | 2023-09-27 | 2023-11-03 | 北京安天网络安全技术有限公司 | 一种相似样本文件确定方法及装置、电子设备及存储介质 |
CN116992449B (zh) * | 2023-09-27 | 2024-01-23 | 北京安天网络安全技术有限公司 | 一种相似样本文件确定方法及装置、电子设备及存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN106446687B (zh) | 2020-11-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109375945B (zh) | 物联网设备的固件版本探测方法及漏洞修复率评估方法 | |
US8931092B2 (en) | System and method for computer inspection of information objects for shared malware components | |
CN109525556A (zh) | 一种用于确定嵌入式系统固件中协议漏洞的轻量级方法及系统 | |
US20180191736A1 (en) | Method and apparatus for collecting cyber incident information | |
CN109104421B (zh) | 一种网站内容篡改检测方法、装置、设备及可读存储介质 | |
CN114386032A (zh) | 电力物联网设备的固件检测系统及方法 | |
CN104462985A (zh) | bat漏洞的检测方法以及装置 | |
CN108353083A (zh) | 用于检测域产生算法(dga)恶意软件的系统及方法 | |
CN112749389B (zh) | 一种检测智能合约破坏敏感数据漏洞的检测方法及装置 | |
CN103455758A (zh) | 恶意网站的识别方法及装置 | |
CN114598504A (zh) | 一种风险评估方法、装置、电子设备及可读存储介质 | |
CN113098828A (zh) | 网络安全报警方法及装置 | |
WO2023241529A1 (zh) | 漏洞信息处理方法、服务装置和漏洞检测模块 | |
CN108399321B (zh) | 基于动态指令依赖图胎记的软件局部抄袭检测方法 | |
CN106446687A (zh) | 恶意样本的检测方法及装置 | |
CN113158197A (zh) | 一种基于主动iast的sql注入漏洞检测方法、系统 | |
CN109815697A (zh) | 误报行为处理方法及装置 | |
CN108898012A (zh) | 检测非法程序的方法和装置 | |
CN104239801B (zh) | 0day漏洞的识别方法以及装置 | |
CN104579819A (zh) | 网络安全检测方法以及装置 | |
CN111400718B (zh) | 一种系统漏洞与攻击的检测方法、装置及其相关设备 | |
CN106650439A (zh) | 检测可疑应用程序的方法及装置 | |
CN101901183A (zh) | 一种过滤测试用例的方法及装置 | |
CN110457905A (zh) | 样本的病毒检测方法、装置、计算机设备及存储介质 | |
CN116127453A (zh) | 一种apt攻击检测方法、系统、装置、介质及设备 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | ||
CP03 | Change of name, title or address |
Address after: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee after: Beijing Qizhi Business Consulting Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20240115 Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Beijing Qizhi Business Consulting Co.,Ltd. |