Detection device and method of unknown application bug threat

Authors: Feng Nan, Ling Shibo, Zhao Bin, Zhu Xuewen

Keywords: Process (computing), False alarm, Preprocessor, Real-time computing, Knowledge base, Filter (signal processing), Field (computer science), Expert system, Sample (material), Computer science

Abstract: The invention relates to the technical field of computer communication, in particular a detection device and method of unknown application bug threat. comprises sample acquisition device, preprocessing filter an analog behavior monitoring comparison analysis wherein is used for collecting transmitted document attachment from flow network inlet; collected filtering known accessories which contain bugs obviously do not bugs; carrying out simulation execution on filtered accessories; process monitored recorded by find suspicious acts exhibit security threats process. An expert system knowledge base adopted carry result judgment detected can intelligently judge whether be taken advantage are presence or along with situation that constantly enriched, problem false alarm effectively solved.

References (7)
Paul Reuben Day, John Matthew Santosuosso, Cary Lee Bates, Web server apparatus and method for virus checking, (2004)
Ping Zhang, Bing Xu, Guangyu Zeng, Qingbao Li, Automatic binary unwanted code behavior analysis method, (2011)
Weijian Li, Kai Xiao, Min Li, Min Zhao, Hui Yao, Method, apparatus and network device for identifying virus document, (2009)
Liu Jia Nan, Song Bing, Li Baisong, Botnet detection method and system on basis of gateway and local, (2014)