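CN116361801B - Malware detection method and system based on application program interface semantic information - Google Patents
Malware detection method and system based on application program interface semantic information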
- Publication number
- CN116361801B (application CN202310636026.4A)
- Authority
- CN
- China
- Prior art keywords
- api call
- api
- sequence
- call sequence
- feature vector
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/547—Remote procedure calls [RPC]; Web services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/0464—Convolutional networks [CNN, ConvNet]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- Computer Hardware Design (AREA)
- Life Sciences & Earth Sciences (AREA)
- Artificial Intelligence (AREA)
- Biophysics (AREA)
- Computational Linguistics (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Molecular Biology (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Virology (AREA)
- Stored Programmes (AREA)
Claims (5)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310636026.4A CN116361801B (zh) | 2023-06-01 | 2023-06-01 | Malware detection method and system based on application program interface semantic information |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310636026.4A CN116361801B (zh) | 2023-06-01 | 2023-06-01 | Malware detection method and system based on application program interface semantic information |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116361801A (zh) | 2023-06-30 |
CN116361801B (zh) | 2023-09-01 |
Family
ID=86905318
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310636026.4A Active CN116361801B (zh) | 2023-06-01 | 2023-06-01 | Malware detection method and system based on application program interface semantic information |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116361801B (zh) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
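CN116578969B (zh) * | 2023-07-12 | 2023-09-05 | Hefei Institutes of Physical Science, Chinese Academy of Sciences | Software detection model training method, detection method and system based on perceptual classification |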
US11900179B1 (en) | 2023-07-13 | 2024-02-13 | Intuit, Inc. | Detection of abnormal application programming interface (API) sessions including a sequence of API requests |
US11921847B1 (en) * | 2023-07-13 | 2024-03-05 | Intuit, Inc. | Detection of abnormal application programming interface (API) sessions including a sequence of API requests using space partitioning data structures |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019197022A1 (en) * | 2018-04-10 | 2019-10-17 | Huawei Technologies Co., Ltd. | Device and method for classifying program behaviour |
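CN111259388A (zh) * | 2020-01-09 | 2020-06-09 | Sun Yat-sen University | Malware API call sequence detection method based on graph convolution |
CN111382438A (zh) * | 2020-03-27 | 2020-07-07 | Yuxi Normal University | Malware detection method based on multi-scale convolutional neural network |
CN112464234A (zh) * | 2020-11-21 | 2021-03-09 | Northwestern Polytechnical University | SVM-based malware detection method on cloud platform |
CN114861194A (zh) * | 2022-05-13 | 2022-08-05 | Lanzhou Jiaotong University | Multi-type vulnerability detection method based on BGRU and CNN fusion model |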
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10922409B2 (en) * | 2018-04-10 | 2021-02-16 | Microsoft Technology Licensing, Llc | Deep reinforcement learning technologies for detecting malware |
JP2024517412A (ja) * | 2021-04-16 | 2024-04-22 | Strong Force VCN Portfolio 2019, LLC | Systems, methods, kits, and apparatuses for digital product network systems and biology-based value chain networks |
-
2023
- 2023-06-01 CN CN202310636026.4A patent/CN116361801B/zh active Active
Non-Patent Citations (1)
Title |
---|
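Research on sentiment analysis based on convolutional neural networks and minimal gated units; Li Zhi; "Research on aspect-level sentiment analysis of user reviews based on deep learning" (No. 2); pp. I138-4467 * |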
Also Published As
Publication number | Publication date |
---|---|
CN116361801A (zh) | 2023-06-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
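CN116361801B (zh) | Malware detection method and system based on application program interface semantic information | |
CN108021806B (zh) | Method and device for identifying malicious installation packages | |
CN110232280B (zh) | Software security vulnerability detection method based on tree-structured convolutional neural network | |
CN110135157B (zh) | Malware homology analysis method, system, electronic device and storage medium | |
CN109101817B (zh) | Method and computing device for identifying malicious file categories | |
CN110704840A (zh) | Malware detection method based on convolutional neural network (CNN) | |
CN112464233B (zh) | RNN-based malware detection method on cloud platform | |
CN114047929B (zh) | Knowledge-enhanced user-defined function identification method, device and medium | |
CN109063478A (zh) | Virus detection method, apparatus, device and medium for portable executable files | |
CN111428236A (zh) | Malware detection method, apparatus, device and readable medium | |
CN113609488B (zh) | Vulnerability detection method and system based on self-supervised learning and multi-channel hypergraph neural network | |
CN110990563A (zh) | Method and system for constructing a traditional culture material library based on artificial intelligence | |
CN112418320A (zh) | Enterprise association relationship identification method, device and storage medium | |
CN111400713B (zh) | Malware family classification method based on opcode adjacency graph features | |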
Choe et al. | The real-time mobile application for classifying of endangered parrot species using the CNN models based on transfer learning | |
Hota et al. | Deep Neural Networks for Android Malware Detection. | |
Mu et al. | An android malware detection method using deep learning based on api calls | |
Nicheporuk et al. | An Android Malware Detection Method Based on CNN Mixed-Data Model. | |
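CN108229170A (zh) | Software analysis method and device using big data and neural networks | |
CN116361788A (zh) | Machine-learning-based binary software vulnerability prediction method | |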
Lee et al. | Trend of malware detection using deep learning | |
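CN113762294B (zh) | Feature vector dimension compression method, apparatus, device and medium | |
CN113987496A (zh) | Malicious attack detection method, apparatus, electronic device and readable storage medium | |
CN112860573A (zh) | Smartphone malware detection method | |
CN113297376A (zh) | Meta-learning-based legal case risk point identification method and system |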
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
CB03 | Change of inventor or designer information |
Inventor after: Yang Shumian Inventor after: Zhang Yuxin Inventor after: Zhao Dawei Inventor after: Xu Lijuan Inventor after: Li Xin Inventor after: Sun Chenyu Inventor after: Xu Qingling Inventor after: Yang Yongqi Inventor before: Yang Shumian Inventor before: Zhang Yuxin Inventor before: Zhao Dawei Inventor before: Xu Lijuan Inventor before: Li Xin Inventor before: Sun Chenyu Inventor before: Xu Qingling Inventor before: Yang Yongqi |