知搜-全球专利检索

  1. Login
  2. Sign Up

Search Results

1 records (took 0.013 seconds)

    APPARATUS AND METHOD FOR SEARCHING FOR SIMILAR MALICIOUS CODE BASED ON MALICIOUS CODE FEATURE INFORMATION
    1.
    发明申请
    APPARATUS AND METHOD FOR SEARCHING FOR SIMILAR MALICIOUS CODE BASED ON MALICIOUS CODE FEATURE INFORMATION 有权
    基于恶意代码特征信息搜索类似的恶意代码的装置和方法

    公开(公告)号:US20160072833A1

    公开(公告)日:2016-03-10

    申请号:US14788831

    申请日:2015-07-01

    Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

    Inventor: Dongphil KIM Inkyoung KIM Seokwoo CHOI Taejoo CHANG Wonho KIM Hyunggeun OH

    IPC: H04L29/06 G06F17/30

    CPC classification number: H04L63/1425 G06F17/30675 G06F21/561 G06F21/564 G06F21/566 H04L63/101 H04L63/1408 H04L63/145

    Abstract: An apparatus and method for searching for similar malicious code based on malicious code feature information. The apparatus includes a malicious code registration unit for registering input new malicious code as a new malicious code sample, and extracting and registering detailed information of the new malicious code sample, a malicious code analysis unit for analyzing the detailed information of the new malicious code sample, a malicious code DNA extraction unit for extracting malicious code DNA information including malicious code feature information, a malicious code DNA comparison unit for comparing the extracted malicious code DNA information with malicious code DNA information of prestored malicious code samples, and calculating similarities therebetween, and a similar malicious code search unit for calculating, based on the calculated similarities, all similarities between the new malicious code sample and prestored malicious code samples, and extracting a specific number of malicious code samples.

    Abstract translation: 一种基于恶意代码特征信息搜索类似恶意代码的装置和方法。 该装置包括用于将输入的新恶意代码注册为新的恶意代码样本的恶意代码注册单元,以及提取和登记新的恶意代码样本的详细信息,用于分析新的恶意代码示例的详细信息的恶意代码分析单元 恶意代码DNA提取单元,用于提取包括恶意代码特征信息的恶意代码DNA信息,恶意代码DNA比较单元,用于将提取的恶意代码DNA信息与预先存储的恶意代码样本的恶意代码DNA信息进行比较,并计算其间的相似度; 一个类似的恶意代码搜索单元,用于根据计算的相似度计算新的恶意代码样本和预存的恶意代码样本之间的所有相似性,并提取特定数量的恶意代码示例。

Patent Agency Ranking