CN108171014A - Method, system and storage medium for detecting suspicious RTF files - Google Patents
- Publication number
- CN108171014A
- Authority
- CN
- China
- Prior art keywords
- objdata
- rtf
- data segments
- data
- files
- Prior art date
- Legal status
- Granted
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Technology Law (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
Description
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711484553.9A CN108171014B (zh) | 2017-12-29 | 2017-12-29 | Method, system and storage medium for detecting suspicious RTF files |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711484553.9A CN108171014B (zh) | 2017-12-29 | 2017-12-29 | Method, system and storage medium for detecting suspicious RTF files |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108171014A (zh) | 2018-06-15 |
CN108171014B (zh) | 2022-01-07 |
Family
ID=62516249
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711484553.9A Active CN108171014B (zh) | Method, system and storage medium for detecting suspicious RTF files | 2017-12-29 | 2017-12-29 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108171014B (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109871685A (zh) * | 2019-02-19 | 2019-06-11 | Tencent Technology (Shenzhen) Co., Ltd. | Method and device for parsing RTF files |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
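CN104978381A (zh) * | 2014-10-28 | 2015-10-14 | Harbin Antiy Technology Co., Ltd. | Method and system for detecting malicious samples based on disassembly |
CN106572117A (zh) * | 2016-11-11 | 2017-04-19 | Beijing Anpro Information Technology Co., Ltd. | Method and device for detecting WebShell files |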
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
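CN104978381A (zh) * | 2014-10-28 | 2015-10-14 | Harbin Antiy Technology Co., Ltd. | Method and system for detecting malicious samples based on disassembly |
CN106572117A (zh) * | 2016-11-11 | 2017-04-19 | Beijing Anpro Information Technology Co., Ltd. | Method and device for detecting WebShell files |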
Non-Patent Citations (2)
Title |
---|
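JUNFENG YANG: "How RTF malware evades signature-based static detection", 《HTTPS://WWW.FIREEYE.COM/BLOG/THREAT-RESEARCH/2016/05/HOW_RTF_MALWARE_EVAD.HTML》 * |
Le Deguang et al.: "Analysis and research of OLE object vulnerabilities for RTF", 《Analysis and research of OLE object vulnerabilities for RTF》 * |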
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
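CN109871685A (zh) * | 2019-02-19 | 2019-06-11 | Tencent Technology (Shenzhen) Co., Ltd. | Method and device for parsing RTF files |
CN109871685B (zh) * | 2019-02-19 | 2023-08-08 | Tencent Technology (Shenzhen) Co., Ltd. | Method and device for parsing RTF files |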
Also Published As
Publication number | Publication date |
---|---|
CN108171014B (zh) | 2022-01-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
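CN102243699B (zh) | | Malicious code detection method and system |
CN102592079B (zh) | | System and method for detecting unknown malware |
US9824212B2 (en) | | Method and system for recognizing advertisement plug-ins |
US8601451B2 (en) | | System, method, and computer program product for determining whether code is unwanted based on the decompilation thereof |
CN107665306B (zh) | | Method, device, client and server for detecting illegal file injection |
EP2763069A1 (en) | | Method and device for multiple engine virus killing |
CN107247722B (zh) | | File scanning method, device and intelligent terminal |
CN104050409B (zh) | | Method and device for identifying bundled software |
CN109977976B (zh) | | Method, device and computer equipment for detecting executable file similarity |
AU2019419891B2 (en) | | System and method for spatial encoding and feature generators for enhancing information extraction |
CN106055375A (zh) | | Application program installation method and device |
CN110362450A (zh) | | Log data collection method, device and computer-readable storage medium |
CN105975855A (zh) | | Malicious code detection method and system based on APK certificate similarity |
CN106598923A (zh) | | Online document format conversion method and device based on font library loading |
CN106033551A (zh) | | Data parsing method, device and system |
CN108171014A (zh) | | Method, system and storage medium for detecting suspicious RTF files |
US8966274B2 (en) | | File tamper detection |
CN111414339B (zh) | | File processing method, system, device, equipment and medium |
CN109871685B (zh) | | Method and device for parsing RTF files |
US20130246444A1 (en) | | Device, method of processing data, and computer-readable recording medium |
US9727344B2 (en) | | Mining dependencies from disk images |
CN115982675A (zh) | | Document processing method, device, electronic equipment and storage medium |
CN110795405B (zh) | | Fragmented data restoration method, terminal device and storage medium |
CN103824006B (zh) | | Method and system for automatically generating watermarks for mobile phone application software |
US7177958B1 (en) | | Automated input determination |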
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | Address after: 150028 Building 7, Innovation Plaza, Science and Technology Innovation City, Harbin Hi-tech Industrial Development Zone, Heilongjiang Province (838 Shikun Road); Applicant after: Harbin Antiy Technology Group Limited by Share Ltd; Address before: 150090 Room 506, No. 162 Hongqi Street, Nangang District, Harbin Development Zone, Heilongjiang Province; Applicant before: Harbin Antiy Technology Co., Ltd. |
CB02 | Change of applicant information | Address after: 150028 building 7, innovation and entrepreneurship square, science and technology innovation city, Harbin high tech Industrial Development Zone, Heilongjiang Province (No. 838, Shikun Road); Applicant after: Antan Technology Group Co.,Ltd.; Address before: 150028 building 7, innovation and entrepreneurship square, science and technology innovation city, Harbin high tech Industrial Development Zone, Heilongjiang Province (No. 838, Shikun Road); Applicant before: Harbin Antian Science and Technology Group Co.,Ltd. |
GR01 | Patent grant | ||