CN106909839B - 一种提取样本代码特征的方法及装置 - Google Patents
一种提取样本代码特征的方法及装置 Download PDFInfo
- Publication number
- CN106909839B CN106909839B CN201510969663.9A CN201510969663A CN106909839B CN 106909839 B CN106909839 B CN 106909839B CN 201510969663 A CN201510969663 A CN 201510969663A CN 106909839 B CN106909839 B CN 106909839B
- Authority
- CN
- China
- Prior art keywords
- instruction sequence
- segment
- sample
- contained
- determining
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/53—Decompilation; Disassembly
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Virology (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Stored Programmes (AREA)
- Devices For Executing Special Programs (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510969663.9A CN106909839B (zh) | 2015-12-22 | 2015-12-22 | 一种提取样本代码特征的方法及装置 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510969663.9A CN106909839B (zh) | 2015-12-22 | 2015-12-22 | 一种提取样本代码特征的方法及装置 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106909839A CN106909839A (zh) | 2017-06-30 |
CN106909839B true CN106909839B (zh) | 2020-04-17 |
Family
ID=59199905
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510969663.9A Active CN106909839B (zh) | 2015-12-22 | 2015-12-22 | 一种提取样本代码特征的方法及装置 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106909839B (zh) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107632901A (zh) * | 2017-09-25 | 2018-01-26 | 青岛海信移动通信技术股份有限公司 | 一种应用程序运行异常的自修复方法及装置 |
CN109725904B (zh) * | 2017-10-31 | 2021-10-22 | 中国科学院微电子研究所 | 一种低功耗程序指令编译方法及系统 |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101604364A (zh) * | 2009-07-10 | 2009-12-16 | 珠海金山软件股份有限公司 | 基于文件指令序列的计算机恶意程序分类系统和分类方法 |
CN101848092A (zh) * | 2009-03-25 | 2010-09-29 | 华为技术有限公司 | 恶意代码检测方法和装置 |
CN101923617A (zh) * | 2010-08-18 | 2010-12-22 | 奇智软件(北京)有限公司 | 一种基于云的样本数据库动态维护方法 |
CN102819697A (zh) * | 2011-12-26 | 2012-12-12 | 哈尔滨安天科技股份有限公司 | 一种基于线程反编译的多平台恶意代码检测方法和系统 |
CN103761475A (zh) * | 2013-12-30 | 2014-04-30 | 北京奇虎科技有限公司 | 检测智能终端中恶意代码的方法及装置 |
CN103761476A (zh) * | 2013-12-30 | 2014-04-30 | 北京奇虎科技有限公司 | 特征提取的方法及装置 |
CN103902911A (zh) * | 2014-04-16 | 2014-07-02 | 南京大学 | 一种基于程序结构特征的恶意程序检测方法 |
CN103902910A (zh) * | 2013-12-30 | 2014-07-02 | 北京奇虎科技有限公司 | 检测智能终端中恶意代码的方法及装置 |
CN104077528A (zh) * | 2014-06-25 | 2014-10-01 | 珠海市君天电子科技有限公司 | 病毒检测方法、装置以及终端 |
CN104318161A (zh) * | 2014-11-18 | 2015-01-28 | 北京奇虎科技有限公司 | 一种安卓样本的病毒检测方法及装置 |
CN104978526A (zh) * | 2015-06-30 | 2015-10-14 | 北京奇虎科技有限公司 | 病毒特征的提取方法及装置 |
-
2015
- 2015-12-22 CN CN201510969663.9A patent/CN106909839B/zh active Active
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101848092A (zh) * | 2009-03-25 | 2010-09-29 | 华为技术有限公司 | 恶意代码检测方法和装置 |
CN101604364A (zh) * | 2009-07-10 | 2009-12-16 | 珠海金山软件股份有限公司 | 基于文件指令序列的计算机恶意程序分类系统和分类方法 |
CN101923617A (zh) * | 2010-08-18 | 2010-12-22 | 奇智软件(北京)有限公司 | 一种基于云的样本数据库动态维护方法 |
CN102819697A (zh) * | 2011-12-26 | 2012-12-12 | 哈尔滨安天科技股份有限公司 | 一种基于线程反编译的多平台恶意代码检测方法和系统 |
CN103761475A (zh) * | 2013-12-30 | 2014-04-30 | 北京奇虎科技有限公司 | 检测智能终端中恶意代码的方法及装置 |
CN103761476A (zh) * | 2013-12-30 | 2014-04-30 | 北京奇虎科技有限公司 | 特征提取的方法及装置 |
CN103902910A (zh) * | 2013-12-30 | 2014-07-02 | 北京奇虎科技有限公司 | 检测智能终端中恶意代码的方法及装置 |
CN103902911A (zh) * | 2014-04-16 | 2014-07-02 | 南京大学 | 一种基于程序结构特征的恶意程序检测方法 |
CN104077528A (zh) * | 2014-06-25 | 2014-10-01 | 珠海市君天电子科技有限公司 | 病毒检测方法、装置以及终端 |
CN104318161A (zh) * | 2014-11-18 | 2015-01-28 | 北京奇虎科技有限公司 | 一种安卓样本的病毒检测方法及装置 |
CN104978526A (zh) * | 2015-06-30 | 2015-10-14 | 北京奇虎科技有限公司 | 病毒特征的提取方法及装置 |
Also Published As
Publication number | Publication date |
---|---|
CN106909839A (zh) | 2017-06-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10114946B2 (en) | Method and device for detecting malicious code in an intelligent terminal | |
WO2015101097A1 (zh) | 特征提取的方法及装置 | |
US20200193024A1 (en) | Detection Of Malware Using Feature Hashing | |
JP6126672B2 (ja) | 悪性コード検出方法及びシステム | |
Kapratwar et al. | Static and dynamic analysis of android malware | |
US20140082729A1 (en) | System and method for analyzing repackaged application through risk calculation | |
Rana et al. | Evaluation of tree based machine learning classifiers for android malware detection | |
WO2015101042A1 (zh) | 检测智能终端中恶意代码的方法及装置 | |
CN107506256B (zh) | 一种崩溃数据监控的方法和装置 | |
JP2021523434A (ja) | マルウェア検出 | |
Han et al. | Malware classification methods using API sequence characteristics | |
US20210342447A1 (en) | Methods and apparatus for unknown sample classification using agglomerative clustering | |
CN103473104A (zh) | 一种基于关键词上下文频率矩阵的应用重打包辨别方法 | |
CN112148305A (zh) | 一种应用检测方法、装置、计算机设备和可读存储介质 | |
US11916937B2 (en) | System and method for information gain for malware detection | |
CN106709350B (zh) | 一种病毒检测方法及装置 | |
CN106909839B (zh) | 一种提取样本代码特征的方法及装置 | |
US20160134652A1 (en) | Method for recognizing disguised malicious document | |
CN106909841A (zh) | 一种判断病毒代码的方法及装置 | |
CN107085684B (zh) | 程序特征的检测方法和装置 | |
US9646157B1 (en) | Systems and methods for identifying repackaged files | |
KR101557455B1 (ko) | 응용 프로그램 코드 분석 장치 및 그것을 이용한 코드 분석 방법 | |
KR102427782B1 (ko) | 인접 행렬 기반의 악성 코드 탐지 및 분류 장치와 악성 코드 탐지 및 분류 방법 | |
Feichtner et al. | Obfuscation-resilient code recognition in Android apps | |
Liang et al. | Automatic benchmark generation framework for malware detection |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20211201 Address after: 300450 No. 9-3-401, No. 39, Gaoxin 6th Road, Binhai Science Park, high tech Zone, Binhai New Area, Tianjin Patentee after: 3600 Technology Group Co.,Ltd. Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park) Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd. Patentee before: Qizhi software (Beijing) Co.,Ltd. |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20230710 Address after: 1765, floor 17, floor 15, building 3, No. 10 Jiuxianqiao Road, Chaoyang District, Beijing 100015 Patentee after: Beijing Hongxiang Technical Service Co.,Ltd. Address before: 300450 No. 9-3-401, No. 39, Gaoxin 6th Road, Binhai Science Park, high tech Zone, Binhai New Area, Tianjin Patentee before: 3600 Technology Group Co.,Ltd. |
|
TR01 | Transfer of patent right |