CN101604363B - 基于文件指令频度的计算机恶意程序分类***及分类方法 - Google Patents
基于文件指令频度的计算机恶意程序分类***及分类方法 Download PDFInfo
- Publication number
- CN101604363B CN101604363B CN2009100409968A CN200910040996A CN101604363B CN 101604363 B CN101604363 B CN 101604363B CN 2009100409968 A CN2009100409968 A CN 2009100409968A CN 200910040996 A CN200910040996 A CN 200910040996A CN 101604363 B CN101604363 B CN 101604363B
- Authority
- CN
- China
- Prior art keywords
- sample
- family
- rogue program
- instruction
- central point
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Devices For Executing Special Programs (AREA)
Abstract
Description
Claims (2)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2009100409968A CN101604363B (zh) | 2009-07-10 | 2009-07-10 | 基于文件指令频度的计算机恶意程序分类***及分类方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2009100409968A CN101604363B (zh) | 2009-07-10 | 2009-07-10 | 基于文件指令频度的计算机恶意程序分类***及分类方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101604363A CN101604363A (zh) | 2009-12-16 |
CN101604363B true CN101604363B (zh) | 2011-11-16 |
Family
ID=41470090
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2009100409968A Active CN101604363B (zh) | 2009-07-10 | 2009-07-10 | 基于文件指令频度的计算机恶意程序分类***及分类方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101604363B (zh) |
Families Citing this family (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102930206B (zh) | 2011-08-09 | 2015-02-25 | 腾讯科技(深圳)有限公司 | 病毒文件的聚类划分处理方法和装置 |
CN103324888B (zh) * | 2012-03-19 | 2016-04-27 | 哈尔滨安天科技股份有限公司 | 基于家族样本的病毒特征自动提取方法及*** |
CN103679012A (zh) * | 2012-09-03 | 2014-03-26 | 腾讯科技(深圳)有限公司 | 一种可移植可执行文件的聚类方法和装置 |
CN104008334B (zh) * | 2013-02-21 | 2017-12-01 | 腾讯科技(深圳)有限公司 | 一种文件的聚类方法和设备 |
CN104008333B (zh) * | 2013-02-21 | 2017-12-01 | 腾讯科技(深圳)有限公司 | 一种安装包的检测方法和设备 |
CN103810241B (zh) * | 2013-11-22 | 2017-04-05 | 北京奇虎科技有限公司 | 一种低频点击的过滤方法和装置 |
CN104331436B (zh) * | 2014-10-23 | 2017-06-06 | 西安交通大学 | 基于家族基因码的恶意代码快速归类方法 |
CN104376262B (zh) * | 2014-12-08 | 2018-01-09 | 中国科学院深圳先进技术研究院 | 一种基于Dalvik指令和权限组合的安卓恶意软件检测方法 |
CN104778406B (zh) * | 2015-04-08 | 2018-03-02 | 公安部第一研究所 | 一种基于文件指纹对恶意代码统一命名的方法及其*** |
CN105512191A (zh) * | 2015-11-25 | 2016-04-20 | 南京莱斯信息技术股份有限公司 | 一种具备人工行为学习能力的行业特征分析器 |
CN106960153B (zh) * | 2016-01-12 | 2021-01-29 | 阿里巴巴集团控股有限公司 | 病毒的类型识别方法及装置 |
CN106326746B (zh) * | 2016-08-26 | 2019-02-19 | 成都科来软件有限公司 | 一种恶意程序行为特征库构建方法及装置 |
CN106572122A (zh) * | 2016-12-09 | 2017-04-19 | 哈尔滨安天科技股份有限公司 | 基于网络行为特征关联分析的主机安全评估方法及*** |
CN106845229B (zh) * | 2016-12-28 | 2019-12-20 | 哈尔滨安天科技集团股份有限公司 | 一种基于fts模型的病毒特征提取方法及*** |
RU2724710C1 (ru) * | 2018-12-28 | 2020-06-25 | Акционерное общество "Лаборатория Касперского" | Система и способ классификации объектов вычислительной системы |
CN111770053B (zh) * | 2020-05-28 | 2022-12-16 | 江苏大学 | 一种基于改进的聚类与自相似性的恶意程序检测方法 |
CN112529037A (zh) * | 2020-11-06 | 2021-03-19 | 重庆恢恢信息技术有限公司 | 基于大数据分析建筑工地建设优化方法 |
CN112508050A (zh) * | 2020-11-06 | 2021-03-16 | 重庆恢恢信息技术有限公司 | 基于海量数据的建筑工程建设规划工作方法 |
CN112528284A (zh) * | 2020-12-18 | 2021-03-19 | 北京明略软件***有限公司 | 恶意程序的检测方法及装置、存储介质、电子设备 |
CN115203699B (zh) * | 2022-09-16 | 2022-12-27 | 北京网藤科技有限公司 | 一种基于行为特征的病毒识别方法和*** |
-
2009
- 2009-07-10 CN CN2009100409968A patent/CN101604363B/zh active Active
Also Published As
Publication number | Publication date |
---|---|
CN101604363A (zh) | 2009-12-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101604363B (zh) | 基于文件指令频度的计算机恶意程序分类***及分类方法 | |
Zhang et al. | Pattern recommendation in task-oriented applications: A multi-objective perspective [application notes] | |
CN104794242B (zh) | 一种搜索方法 | |
CN102194013A (zh) | 一种基于领域知识的短文本分类方法及文本分类*** | |
CN101604364B (zh) | 基于文件指令序列的计算机恶意程序分类***和分类方法 | |
CN102609422A (zh) | 类目错放识别方法和装置 | |
CN107357902A (zh) | 一种基于关联规则的数据表分类***与方法 | |
CN112257419A (zh) | 一种基于词频和语义计算专利文献相似度的智能检索方法、装置、电子设备及其存储介质 | |
CN105260742A (zh) | 一种针对多种数据类型的统一分类方法及*** | |
CN110647995A (zh) | 规则训练方法、装置、设备及存储介质 | |
CN108090178A (zh) | 一种文本数据分析方法、装置、服务器和存储介质 | |
EP3067804B1 (en) | Data arrangement program, data arrangement method, and data arrangement apparatus | |
Pandian et al. | SOTARM: Size of transaction-based association rule mining algorithm | |
He et al. | Predicting bugs in software code changes using isolation forest | |
CN106204053A (zh) | 信息类目错放识别方法和装置 | |
CN112632000A (zh) | 日志文件聚类方法、装置、电子设备和可读存储介质 | |
CN115757900B (zh) | 应用人工智能模型的用户需求分析方法及*** | |
US20200142910A1 (en) | Data clustering apparatus and method based on range query using cf tree | |
Abudalfa et al. | Semi-supervised target-dependent sentiment classification for micro-blogs | |
Glenis et al. | SCALE-BOSS: A framework for scalable time-series classification using symbolic representations | |
CN109739840A (zh) | 数据空值处理方法、装置及终端设备 | |
Lohumi et al. | Hierarchical clustering approach for determination of isomorphism among planar kinematic chains and their derived mechanisms | |
Wang et al. | Edcleaner: Data cleaning for entity information in social network | |
Bhiwani | K-Mean Evaluation in Weka Tool and Modifying It using Standard Score Method | |
JP2020166443A (ja) | データ加工方法レコメンドシステム、データ加工方法レコメンド方法、及びデータ加工方法レコメンドプログラム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
ASS | Succession or assignment of patent right |
Owner name: KINGSOFT CORPORATION LIMITED Free format text: FORMER OWNER: ZHUHAI KINGSOFT SOFTWARE CO., LTD. Effective date: 20140902 |
|
C41 | Transfer of patent application or patent right or utility model | ||
COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 519015 ZHUHAI, GUANGDONG PROVINCE TO: 100085 SHIJINGSHAN, BEIJING |
|
TR01 | Transfer of patent right |
Effective date of registration: 20140902 Address after: Kingsoft No. 33 building, 100085 Beijing city Shijingshan District Xiaoying Road Patentee after: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Address before: Jinshan computer Building No. 8 Jingshan Hill Road, Lane 519015 Lianshan Jida Zhuhai city in Guangdong Province Patentee before: Zhuhai Kingsoft Software Co.,Ltd. |
|
EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20091216 Assignee: Zhuhai Kingsoft Software Co.,Ltd. Assignor: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. Contract record no.: 2014990000778 Denomination of invention: Classification system and classification method of computer rogue programs based on file instruction frequency Granted publication date: 20111116 License type: Common License Record date: 20140926 |
|
LICC | Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model |