CN108090358B - 一种防御哈希碰撞躲避反病毒检测的方法及系统 - Google Patents
一种防御哈希碰撞躲避反病毒检测的方法及系统 Download PDFInfo
- Publication number
- CN108090358B CN108090358B CN201711461021.3A CN201711461021A CN108090358B CN 108090358 B CN108090358 B CN 108090358B CN 201711461021 A CN201711461021 A CN 201711461021A CN 108090358 B CN108090358 B CN 108090358B
- Authority
- CN
- China
- Prior art keywords
- file
- modified
- white list
- preset
- detected
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/564—Static detection by virus signature recognition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Virology (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Stored Programmes (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711461021.3A CN108090358B (zh) | 2017-12-28 | 2017-12-28 | 一种防御哈希碰撞躲避反病毒检测的方法及系统 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711461021.3A CN108090358B (zh) | 2017-12-28 | 2017-12-28 | 一种防御哈希碰撞躲避反病毒检测的方法及系统 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108090358A CN108090358A (zh) | 2018-05-29 |
CN108090358B true CN108090358B (zh) | 2021-07-20 |
Family
ID=62179804
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711461021.3A Active CN108090358B (zh) | 2017-12-28 | 2017-12-28 | 一种防御哈希碰撞躲避反病毒检测的方法及系统 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108090358B (zh) |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101236496A (zh) * | 2007-01-29 | 2008-08-06 | 展讯通信(上海)有限公司 | 一种软件一致性检测方法和装置 |
CN101650768A (zh) * | 2009-07-10 | 2010-02-17 | 深圳市永达电子股份有限公司 | 基于自动白名单的Windows终端安全保障方法与系统 |
CN101730886A (zh) * | 2008-02-21 | 2010-06-09 | 金士顿科技股份有限公司 | 安全性存储系统及其使用方法 |
CN102141995A (zh) * | 2010-01-29 | 2011-08-03 | 国际商业机器公司 | 简化并行计算系统中的传输的系统与方法 |
CN102750462A (zh) * | 2011-12-13 | 2012-10-24 | 北京安天电子设备有限公司 | 基于环境的日志分析转换方法及装置 |
CN102811213A (zh) * | 2011-11-23 | 2012-12-05 | 北京安天电子设备有限公司 | 基于模糊哈希算法的恶意代码检测系统及方法 |
CN103761478A (zh) * | 2014-01-07 | 2014-04-30 | 北京奇虎科技有限公司 | 恶意文件的判断方法及设备 |
CN104281794A (zh) * | 2014-09-23 | 2015-01-14 | 北京奇艺世纪科技有限公司 | 一种密码存储及验证的方法和装置 |
CN105631013A (zh) * | 2015-12-29 | 2016-06-01 | 华为技术有限公司 | 生成哈希值的装置和方法 |
CN107357632A (zh) * | 2017-07-17 | 2017-11-17 | 郑州云海信息技术有限公司 | 一种命令行解析方法及装置 |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10216966B2 (en) * | 2015-02-25 | 2019-02-26 | Netapp, Inc. | Perturb key technique |
-
2017
- 2017-12-28 CN CN201711461021.3A patent/CN108090358B/zh active Active
Patent Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101236496A (zh) * | 2007-01-29 | 2008-08-06 | 展讯通信(上海)有限公司 | 一种软件一致性检测方法和装置 |
CN101730886A (zh) * | 2008-02-21 | 2010-06-09 | 金士顿科技股份有限公司 | 安全性存储系统及其使用方法 |
CN101650768A (zh) * | 2009-07-10 | 2010-02-17 | 深圳市永达电子股份有限公司 | 基于自动白名单的Windows终端安全保障方法与系统 |
CN102141995A (zh) * | 2010-01-29 | 2011-08-03 | 国际商业机器公司 | 简化并行计算系统中的传输的系统与方法 |
CN102811213A (zh) * | 2011-11-23 | 2012-12-05 | 北京安天电子设备有限公司 | 基于模糊哈希算法的恶意代码检测系统及方法 |
CN102750462A (zh) * | 2011-12-13 | 2012-10-24 | 北京安天电子设备有限公司 | 基于环境的日志分析转换方法及装置 |
CN103761478A (zh) * | 2014-01-07 | 2014-04-30 | 北京奇虎科技有限公司 | 恶意文件的判断方法及设备 |
CN104281794A (zh) * | 2014-09-23 | 2015-01-14 | 北京奇艺世纪科技有限公司 | 一种密码存储及验证的方法和装置 |
CN105631013A (zh) * | 2015-12-29 | 2016-06-01 | 华为技术有限公司 | 生成哈希值的装置和方法 |
CN107357632A (zh) * | 2017-07-17 | 2017-11-17 | 郑州云海信息技术有限公司 | 一种命令行解析方法及装置 |
Non-Patent Citations (1)
Title |
---|
"基于Zend虚拟机的Hash碰撞及DoS攻击分析";刘耀钦 等;《计算机与现代化》;20140630(第6期);第32-35页 * |
Also Published As
Publication number | Publication date |
---|---|
CN108090358A (zh) | 2018-05-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6670907B2 (ja) | スクリプトの実行をブロックするシステム及び方法 | |
CN109922075B (zh) | 网络安全知识图谱构建方法和装置、计算机设备 | |
US10860715B2 (en) | Method and apparatus for proactively identifying and mitigating malware attacks via hosted web assets | |
US9948670B2 (en) | Cloud security-based file processing by generating feedback message based on signature information and file features | |
US10678921B2 (en) | Detecting malware with hash-based fingerprints | |
EP2788912B1 (en) | Predictive heap overflow protection | |
RU2551820C2 (ru) | Способ и устройство для проверки файловой системы на наличие вирусов | |
KR102210627B1 (ko) | 악성 프로세스 행동을 검출하기 위한 방법, 장치 및 시스템 | |
US8813234B1 (en) | Graph-based approach to deterring persistent security threats | |
CN107786564B (zh) | 基于威胁情报的攻击检测方法、系统及电子设备 | |
US9542683B2 (en) | System and method for protecting electronic money transactions | |
CN110659484B (zh) | 生成对于文件信息的请求以执行防病毒扫描的系统和方法 | |
EP3270317B1 (en) | Dynamic security module server device and operating method thereof | |
WO2015109912A1 (zh) | 缓冲区溢出攻击检测装置、方法和安全防护系统 | |
Paturi et al. | Mobile malware visual analytics and similarities of Attack Toolkits (Malware gene analysis) | |
Tarao et al. | Toward an artificial immune server against cyber attacks: enhancement of protection against DoS attacks | |
CN108090358B (zh) | 一种防御哈希碰撞躲避反病毒检测的方法及系统 | |
CN108256327B (zh) | 一种文件检测方法及装置 | |
Panigrahi et al. | Malware detection in big data using fast pattern matching: A hadoop based comparison on GPU | |
Kishore et al. | Faster file imaging framework for digital forensics | |
Lee et al. | Ligeroav: A light-weight, signature-based antivirus for mobile environment | |
US11403427B2 (en) | Methods and systems for reinforcement learning of post-attack security hardening passes | |
EP3012771B1 (en) | System and method for protecting electronic money transactions | |
CN105302851B (zh) | 一种基于文件序列化的自动机远程分发和初始化方法 | |
JP6207392B2 (ja) | 異常検出装置、異常検出方法、及び異常検出プログラム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 150028 Building 7, Innovation Plaza, Science and Technology Innovation City, Harbin Hi-tech Industrial Development Zone, Heilongjiang Province (838 Shikun Road) Applicant after: Harbin antiy Technology Group Limited by Share Ltd Address before: 150090 Room 506, No. 162 Hongqi Street, Nangang District, Harbin Development Zone, Heilongjiang Province Applicant before: Harbin Antiy Technology Co., Ltd. |
|
CB02 | Change of applicant information | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder |
Address after: 150028 building 7, innovation and entrepreneurship square, science and technology innovation city, Harbin high tech Industrial Development Zone, Heilongjiang Province (No. 838, Shikun Road) Patentee after: Antan Technology Group Co.,Ltd. Address before: 150028 building 7, innovation and entrepreneurship square, science and technology innovation city, Harbin high tech Industrial Development Zone, Heilongjiang Province (No. 838, Shikun Road) Patentee before: Harbin Antian Science and Technology Group Co.,Ltd. |
|
CP01 | Change in the name or title of a patent holder |