CN1845120A - Automatic analysis system and method for malicious code - Google Patents
Automatic analysis system and method for malicious code
- Publication number
- CN1845120A
- Authority
- CN
- China
- Prior art keywords
- malicious code
- module
- file
- api
- malicious
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Landscapes
- Debugging And Monitoring (AREA)
Claims (4)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB200610080454XA CN100461197C (en) | 2006-05-16 | 2006-05-16 | Automatic analysis system and method for malicious code |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB200610080454XA CN100461197C (en) | 2006-05-16 | 2006-05-16 | Automatic analysis system and method for malicious code |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1845120A (en) | 2006-10-11 |
CN100461197C (en) | 2009-02-11 |
Family
ID=37064048
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB200610080454XA Expired - Fee Related CN100461197C (en) | 2006-05-16 | 2006-05-16 | Automatic analysis system and method for malicious code |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN100461197C (en) |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2009049555A1 (en) * | 2007-10-15 | 2009-04-23 | Beijing Rising International Software Co., Ltd. | Method and apparatus for detecting the malicious behavior of computer program |
CN100504903C (en) * | 2007-09-18 | 2009-06-24 | 北京大学 | Malevolence code automatic recognition method |
CN102208004A (en) * | 2011-05-13 | 2011-10-05 | 南京邮电大学 | Method for controlling software behavior based on least privilege principle |
CN101414328B (en) * | 2007-10-15 | 2012-07-18 | 北京瑞星信息技术有限公司 | Apparatus and method for exuviations of file |
CN102779255A (en) * | 2012-07-16 | 2012-11-14 | 腾讯科技(深圳)有限公司 | Method and device for judging malicious program |
CN102799493A (en) * | 2012-06-21 | 2012-11-28 | 北京伸得纬科技有限公司 | Method for intercepting target progress with self-protection |
CN102799500A (en) * | 2012-06-25 | 2012-11-28 | 腾讯科技(深圳)有限公司 | System repair method, device and storage medium |
CN103294947A (en) * | 2012-02-23 | 2013-09-11 | 株式会社日立制作所 | Program analysis system and method thereof |
US8561192B2 (en) | 2007-10-15 | 2013-10-15 | Beijing Rising Information Technology Co., Ltd. | Method and apparatus for automatically protecting a computer against a harmful program |
CN101667236B (en) * | 2008-09-02 | 2013-11-20 | 北京瑞星信息技术有限公司 | Method and device for controlling driver installation |
CN103500306A (en) * | 2011-06-03 | 2014-01-08 | 北京奇虎科技有限公司 | Client terminal program monitoring method and device and client terminal |
CN103605592A (en) * | 2013-11-29 | 2014-02-26 | 中国航空工业集团公司第六三一研究所 | Mechanism of detecting malfunctions of distributed computer system |
CN103778367A (en) * | 2013-12-30 | 2014-05-07 | 网秦(北京)科技有限公司 | Method and terminal for detecting safety of application installation package based on application certificate and auxiliary server |
CN104766007A (en) * | 2015-03-27 | 2015-07-08 | 杭州安恒信息技术有限公司 | Method for quickly recovering sandbox based on file system filter driver |
CN104766011A (en) * | 2015-03-26 | 2015-07-08 | 国家电网公司 | Sandbox detection alarming method and system based on main engine characteristic |
CN104933365A (en) * | 2015-07-08 | 2015-09-23 | 中国科学院信息工程研究所 | Automatic malicious code homology judgment method and system based on calling habits |
CN105991620A (en) * | 2015-03-05 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Malicious account identification method and device |
CN107766716A (en) * | 2016-08-16 | 2018-03-06 | 阿里巴巴集团控股有限公司 | Certificate detection method and device, electronic equipment |
CN109948336A (en) * | 2019-01-29 | 2019-06-28 | 北京中安兴坤科技有限公司 | Malicious code detecting method and device |
CN111026599A (en) * | 2019-07-24 | 2020-04-17 | 哈尔滨安天科技集团股份有限公司 | Data collection method and device based on API call and storage device |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1282083C (en) * | 2001-09-14 | 2006-10-25 | 北京瑞星科技股份有限公司 | Computer memory virus monitoring method and method for operation with virus |
WO2003090050A2 (en) * | 2002-04-13 | 2003-10-30 | Computer Associates Think, Inc. | System and method for detecting malicicous code |
US7832012B2 (en) * | 2004-05-19 | 2010-11-09 | Computer Associates Think, Inc. | Method and system for isolating suspicious email |
US20060015940A1 (en) * | 2004-07-14 | 2006-01-19 | Shay Zamir | Method for detecting unwanted executables |
CN100374972C (en) * | 2005-08-03 | 2008-03-12 | 珠海金山软件股份有限公司 | System and method for detecting and defending computer worm |
Cited By (29)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100504903C (en) * | 2007-09-18 | 2009-06-24 | 北京大学 | Malevolence code automatic recognition method |
US8561192B2 (en) | 2007-10-15 | 2013-10-15 | Beijing Rising Information Technology Co., Ltd. | Method and apparatus for automatically protecting a computer against a harmful program |
CN101414328B (en) * | 2007-10-15 | 2012-07-18 | 北京瑞星信息技术有限公司 | Apparatus and method for exuviations of file |
US8898775B2 | 2007-10-15 | 2014-11-25 | Beijing Rising Information Technology Co., Ltd. | Method and apparatus for detecting the malicious behavior of computer program |
WO2009049555A1 (en) * | 2007-10-15 | 2009-04-23 | Beijing Rising International Software Co., Ltd. | Method and apparatus for detecting the malicious behavior of computer program |
CN101667236B (en) * | 2008-09-02 | 2013-11-20 | 北京瑞星信息技术有限公司 | Method and device for controlling driver installation |
CN102208004A (en) * | 2011-05-13 | 2011-10-05 | 南京邮电大学 | Method for controlling software behavior based on least privilege principle |
CN102208004B (en) * | 2011-05-13 | 2013-07-03 | 南京邮电大学 | Method for controlling software behavior based on least privilege principle |
CN103500306A (en) * | 2011-06-03 | 2014-01-08 | 北京奇虎科技有限公司 | Client terminal program monitoring method and device and client terminal |
CN103294947A (en) * | 2012-02-23 | 2013-09-11 | 株式会社日立制作所 | Program analysis system and method thereof |
CN102799493A (en) * | 2012-06-21 | 2012-11-28 | 北京伸得纬科技有限公司 | Method for intercepting target progress with self-protection |
CN102799500A (en) * | 2012-06-25 | 2012-11-28 | 腾讯科技(深圳)有限公司 | System repair method, device and storage medium |
CN102799500B (en) * | 2012-06-25 | 2014-04-30 | 腾讯科技(深圳)有限公司 | System repair method and device |
CN102779255A (en) * | 2012-07-16 | 2012-11-14 | 腾讯科技(深圳)有限公司 | Method and device for judging malicious program |
CN102779255B (en) * | 2012-07-16 | 2014-11-12 | 腾讯科技(深圳)有限公司 | Method and device for judging malicious program |
US9158918B2 (en) | 2012-07-16 | 2015-10-13 | Tencent Technology (Shenzhen) Company Limited | Method and apparatus for determining malicious program |
CN103605592A (en) * | 2013-11-29 | 2014-02-26 | 中国航空工业集团公司第六三一研究所 | Mechanism of detecting malfunctions of distributed computer system |
CN103778367A (en) * | 2013-12-30 | 2014-05-07 | 网秦(北京)科技有限公司 | Method and terminal for detecting safety of application installation package based on application certificate and auxiliary server |
CN105991620A (en) * | 2015-03-05 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Malicious account identification method and device |
CN105991620B (en) * | 2015-03-05 | 2019-09-06 | 阿里巴巴集团控股有限公司 | The recognition methods of malice account and device |
CN104766011A (en) * | 2015-03-26 | 2015-07-08 | 国家电网公司 | Sandbox detection alarming method and system based on main engine characteristic |
CN104766011B (en) * | 2015-03-26 | 2017-09-12 | 国家电网公司 | The sandbox detection alarm method and system of Intrusion Detection based on host feature |
CN104766007A (en) * | 2015-03-27 | 2015-07-08 | 杭州安恒信息技术有限公司 | Method for quickly recovering sandbox based on file system filter driver |
CN104766007B (en) * | 2015-03-27 | 2017-07-21 | 杭州安恒信息技术有限公司 | A kind of method that the fast quick-recovery of sandbox is realized based on file system filter driver |
CN104933365A (en) * | 2015-07-08 | 2015-09-23 | 中国科学院信息工程研究所 | Automatic malicious code homology judgment method and system based on calling habits |
CN104933365B (en) * | 2015-07-08 | 2018-04-27 | 中国科学院信息工程研究所 | A kind of malicious code based on calling custom automates homologous decision method and system |
CN107766716A (en) * | 2016-08-16 | 2018-03-06 | 阿里巴巴集团控股有限公司 | Certificate detection method and device, electronic equipment |
CN109948336A (en) * | 2019-01-29 | 2019-06-28 | 北京中安兴坤科技有限公司 | Malicious code detecting method and device |
CN111026599A (en) * | 2019-07-24 | 2020-04-17 | 哈尔滨安天科技集团股份有限公司 | Data collection method and device based on API call and storage device |
Also Published As
Publication number | Publication date |
---|---|
CN100461197C (en) | 2009-02-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1845120A (en) | Automatic analysis system and method for malicious code | |
CN1304941C (en) | Apparatus and method for autonomic hardware assisted thread stack tracking | |
CN101042673A (en) | Software testing system and testing method | |
US9727436B2 (en) | Adding a profiling agent to a virtual machine to permit performance and memory consumption analysis within unit tests | |
CN102789419B (en) | Software fault analysis method based on multi-sample difference comparison | |
CN104766007B (en) | A kind of method that the fast quick-recovery of sandbox is realized based on file system filter driver | |
US20080243968A1 (en) | Method and system for object age detection in garbage collection heaps | |
CN1282085C (en) | Method of parallel regulating multi-task of imbedding system | |
CN1540517A (en) | Just-My-Code modulation tech | |
CN1851667A (en) | Graphic user interface test method and system | |
CN1248116C (en) | General purpose testing arrangement for embedded module and subsystem based on host machine platform | |
CN1018208B (en) | Software agent for computer task automation and instruction delivery | |
CN1959652A (en) | Method and apparatus for debugging computer program in distributed debugger | |
CN111291384B (en) | Vulnerability scanning method and device and electronic equipment | |
CN1834907A (en) | System, method and program product to optimize code during run time | |
CN101060436A (en) | A fault analyzing method and device for communication equipment | |
CN100340997C (en) | Automatic test method of application | |
CN1900940A (en) | Method for computer safety start | |
CN1361489A (en) | Automatic circular daily record information storing method and system | |
CN106598859A (en) | Appium multi-thread implementation system and method | |
CN1641601A (en) | Software unit measuring method | |
CN1728106A (en) | Method for positioning malfunction of application program | |
CN1295600C (en) | Windows program abnormality capturing and positioning method | |
CN103777978A (en) | Automatic user-mode 3G-USB network interface card detecting method based on Linux kernel | |
CN1248115C (en) | Method for readlizing universal test report |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C56 | Change in the name or address of the patentee | ||
CP03 | Change of name, title or address | Address after: South Avenue, Haidian District, Beijing, Zhongguancun; Patentee after: Beijing Venus Information Technology Co., Ltd.; Address before: South Avenue, Haidian District, Beijing, Zhongguancun; Patentee before: Beijing Qiming Xingchen Information Technology Co., Ltd. |
C56 | Change in the name or address of the patentee | Owner name: BEIJING QIMINGXINGCHEN INFORMATION TECHNOLOGY CO., Free format text: FORMER NAME: BEIJING QIMING XINGCHEN INFORMATION TECHNOLOGY CO. LTD. |
ASS | Succession or assignment of patent right | Owner name: BEIJING QIMINGXINCHEN INFORMATION SECURITY TECHNOL |
C41 | Transfer of patent application or patent right or utility model | ||
COR | Change of bibliographic data | Free format text: CORRECT: ADDRESS; FROM: 100081 ZHONGGUANCUN SOUTH AVENUE, HAIDIAN DISTRICT, BEIJING CITY TO: 100193QIMINGXINGCHEN BUILDING, BUILDING 21, ZHONGGUANCUN SOFTWARE PARK, NO.8, DONGBEIWANG WEST ROAD, HAIDIAN DISTRICT, BEIJING CITY |
TR01 | Transfer of patent right | Effective date of registration: 20100507; Address after: 100193 Beijing city Haidian District Dongbeiwang qimingxingchenmansionproject Building No. 21 West Road No. 8 Zhongguancun Software Park; Co-patentee after: Beijing Venusense Information Security Technology Co., Ltd.; Patentee after: Beijing Venus Information Technology Co., Ltd.; Address before: 100081 Haidian District Zhongguancun South Avenue, Beijing; Patentee before: Beijing Venus Information Technology Co., Ltd. |
C17 | Cessation of patent right | ||
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20090211; Termination date: 20130516 |