Publication (announcement) number: US20170026392A1
Publication (announcement) date: 2017-01-26
Application number: US15039761
Application date: 2013-12-27
CPC classification: H04L63/1416, G06F16/152, G06F16/435, G06F16/951, G06F21/56, G06F21/562, H04L69/16
Abstract: Systems and methods for detection of malicious exploitations in a multimedia file are disclosed. In one embodiment, such an approach includes parsing the compiled bytecode of a multimedia file to detect identified key instructions and determine if such key instructions are repeated in specific patterns that signify the presence of malicious exploitation. The approach may also include examining the contents of the constant pool table in a compiled multimedia file to detect specific shellcode strings that are indicative of presence of malicious exploitation. When the bytecode or the constant pool table indicates that malicious exploitation is present, an approach may be utilized to reduce instances of false positive identification of malicious exploitation.