CN103294954A - Compound document malicious code detecting technique and system based on spectral analysis - Google Patents
Compound document malicious code detecting technique and system based on spectral analysis Download PDFInfo
- Publication number
- CN103294954A CN103294954A CN2013102245691A CN201310224569A CN103294954A CN 103294954 A CN103294954 A CN 103294954A CN 2013102245691 A CN2013102245691 A CN 2013102245691A CN 201310224569 A CN201310224569 A CN 201310224569A CN 103294954 A CN103294954 A CN 103294954A
- Authority
- CN
- China
- Prior art keywords
- compound document
- malicious code
- document
- spectrum
- phase spectrum
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention relates to the technical field of computer malicious code detecting and spectral analysis and aims at providing a compound document malicious code detecting technique and system based on spectral analysis. The compound document malicious code detecting technique utilizes a detecting scheme based on compound document phase spectrum analysis and includes a method of converting binary data of a static compound document into a phase spectrum, a method of automatically extracting features such as uniformity, phase values and spectrum width of the phase spectrum, a method of building a large number of comparison sets by designing comparison experiments and calculating out a general difference formulating and determining criterion and a method of detecting malicious codes of the compound document by analyzing features of the phase spectrum. The compound document malicious code detecting system is strong in pertinence of an objective, does not need actuation in the process of detecting and can detect out unknown malicious codes. The compound document malicious code detecting technique and system based on spectral analysis is a novel solution to detection of malicious codes of compound documents.
Description
Technical field
The present invention relates to computer malevolence code detection technique field and spectrum analysis technique field, relate in particular to a kind of compound document malicious code detection technique and system based on spectrum analysis.
Background technology
Continuous development along with teleworking, the electronic document that with the compound document is representative uses more and more general, in this simultaneously compound document also become the target of attack of malicious code, by self is tied to compound document, malicious code can be realized starting and hiding self easily.Relate to accounting for about 5% of compound document in the annual detected malice file, user's ratio that file carries malicious code when using browser and instant chat software to download or accepting file has very big proportionate relationship here again to compound document between 6%-10%.The security of compound document has been subjected to serious threat, the compound document malicious code is detected targetedly very urgent.
Traditional detection at malicious code mainly is divided into condition code detection technique and non-condition code detection technique.The condition code detection technique is a kind of static detection method, by the method for extracting the malicious code condition code it is detected.Non-condition code technology is also referred to as dynamic detection technology, and existing technology mainly contains detection technique, sandbox technology of malicious code detection technique based on behavioural analysis, heuristic analysis etc.Traditional malicious code detection technique these problems below existing aspect the malicious code that detects the compound document type.
One, the Static Detection technology can't detect unknown malicious code.
Two, the dynamic detection technology detection efficiency is low, cost is big, and accuracy is on the low side.
Three, do not have a kind of special detection method at the compound document malicious code, still adopt traditional technology for the detection of compound document malicious code, do not take full advantage of the design feature of compound document.
Simultaneously because the compound document malicious code is fascinating high, implement comparatively simple, so the malicious code quantity of propagating by compound document can get more and more.Therefore, be detected as the problem that presses for research at the compound document malicious code, need a kind of new method of research, can be at the characteristics of compound document, overcome three above problems, propose a kind of detection technique that is different from traditional malicious code detecting method, the compound document malicious code is effectively detected.
Summary of the invention
" a kind of compound document malicious code detection technique and system based on spectrum analysis " is at the prior art problem proposed invention that exists in the research process of malicious code detection technique.A target of the present invention is to improve the weakness of existing detection method specific aim difference, and a kind of compound document malicious code detection technique based on spectrum analysis is provided, and targetedly the compound document of having bound malicious code is detected.The binary data of compound document also can be regarded as a kind of signal to some degree, will show certain characteristic at frequency domain as a kind of signal, by the data of compound document being carried out time domain to the conversion of frequency domain, just can obtain its characteristic on frequency domain.Detection method among the present invention provides a kind of brand-new detection thinking, do not rely on the traditional static nature of malicious code and behavioural characteristic, do not need to open compound document, do not need the each side state variation of monitoring system, but detect according to the phase spectrum feature of compound document.This method effectively protection system and secure user data in testing process, and this detection scheme is with strong points, so also more traditional detection technique height of the accuracy rate of its detection.
In order to realize above-mentioned target, the invention provides a kind of compound document malicious code detection system based on spectrum analysis, this system can extract sequence of real numbers from the binary data of compound document, adopt related algorithm to carry out the phase spectrum that conversion obtains document then, and then judge according to the phase spectrum feature.This system has comprised: management end manages testing process and testing result, and safeguards a property data base; Data extractor is used for separating from the binary data of compound document the data of fixed part, and converts binary data to sequence of real numbers, according to sampling rate sequence of real numbers is sampled then; The phase spectrum maker receives the data from data extraction module, adopts corresponding mapping algorithm, generates the phase spectrum of document; Frequency spectrum analyser is used for the document phase spectrum that generates is carried out signature analysis, provides result of determination.
Description of drawings
From the detailed description below in conjunction with accompanying drawing, will clearer understanding target of the present invention, implementation method, advantage and characteristic, wherein.
Fig. 1 is an Organization Chart of showing the compound document malicious code detection system based on spectrum analysis of the present invention.
Fig. 2 is a block scheme of showing the inner component units of detection system management end of the present invention.
Fig. 3 is an explanation detection system data extractor of the present invention is extracted data from compound document synoptic diagram.
Fig. 4 is the synoptic diagram that an explanation detection system phase spectrum maker of the present invention generates the phase spectrum process.
Fig. 5 is a block scheme of showing the inner component units of detection system frequency spectrum analyser of the present invention.
Fig. 6 is the process flow diagram of a complete workflow of explanation detection system of the present invention.
Embodiment
The malicious code that is used for the binding sample among the present invention in the decision criteria formulation process has a lot of types, utilizes the Bind tool to be tied to these codes in the normal compound document, and these malicious codes mainly contain following types.
1) downloader code.
2) keyboard record code.
3) revise the registry entry code.
4) password sends code.
5) uplink data code.
6) pop-up window code.
The present invention is described further below in conjunction with accompanying drawing.The present invention aims to provide a kind of system that detects at the compound document malicious code, the malicious code that comprises in the compound document of common formats such as the detection Office series documentation of efficiently and accurately, PDF document, the safety of protection system data and user data.
Fig. 1 is one and describes the Organization Chart that system of the present invention forms.
As shown in Figure 1, the core of detection system is management end, carry out data interaction with other modules, other modules are operated accordingly according to the configuration information of management end, management end is being safeguarded a property data base simultaneously, phase spectrum characteristic information and the decision criteria of the compound document of various forms deposited in the inside, at dissimilar malicious codes different decision criterias arranged.Can also carry out management and the modification of various configuration informations by management end, sampling frequency, mapping algorithm etc. are wherein arranged.Compound document enters detection system from data converter, through a series of conversion and judgement, by management end output result.
Fig. 2 is a synoptic diagram of describing the inner component units of management end.
As shown in Figure 2, management end is made up of logic control element, database management unit, policy configurations unit and user interface elements.Logic control element is responsible for controlling the operation logic of total system, by system's other parts are called to realize measuring ability.Database management unit is in charge of maintenance data base, main storage criterion and testing result in the database, the content of testing result mainly contains file type, MD5 value and to the result of determination of the document, all to carry out calculating and the coupling of MD5 before file to be detected being detected earlier at every turn, the match is successful then directly provides original testing result, avoids duplicate detection.The various policy informations in system's testing process then are in charge of in the policy configurations unit, and logic control element can carry out corresponding operating according to each assembly of these collocation strategy control system.User interface elements is the platform of system and user interactions, and by this unit, the user can check testing result and change system configuration information.
Fig. 3 is a displaying data extractor is extracted data from compound document synoptic diagram.
As shown in Figure 3, data reader reads in internal memory with the binary data of compound document, at first judges Doctype according to fixed byte, then according to the storage class of the document, peel off the data of fixed part, reduce the data volume of subsequent calculations, improve the efficient of system.Afterwards binary data is carried out the system conversion, make it become sequence of real numbers, the final data reader will be sampled to sequence of real numbers according to the sampling rate of management end configuration, give the phase spectrum maker with sampling results and carry out computing.Be to be that a unit carries out scale-of-two to the conversion of sequence of real numbers with 4 bits among Fig. 3, also can adopt other figure place combination, as 6,8 etc.Simultaneously when the sequence of real numbers after the conversion is sampled, also there is different sampling rates available: gross sample, every a sampling, sample etc. every two.Adopt the bit combination of how many positions to change and adopt what sampling rate to sample, determine according to the different characteristics of compound document and the different of malicious code kind of binding.
Fig. 4 shows that the phase spectrum maker generates the synoptic diagram of phase spectrum process.
As shown in Figure 4, behind the sequence of real numbers input phase spectrum maker, the phase spectrum maker with the sequence of real numbers of input as the dependent variable of a function, with the order information of sequence in document as the time independent variable, function on the structure time domain, then this function is carried out FFT conversion (also having other conversion such as wavelet transformation except the FFT conversion), draw phase spectrum at last, this phase spectrum is exactly the phase spectrum through the compound document after the extraction conversion.
Fig. 5 is a synoptic diagram of describing the inner component units of frequency spectrum analyser.
As shown in Figure 5, pass to frequency spectrum analyser after phase spectrum generates and carry out spectrum analysis.The present invention can realize the foundation that the compound document of having bound malicious code detects, and to be normal document there are differences with aspects such as having infected the uniformity coefficient of the compound document of malicious code at phase spectrum, phase value, spectrum width.Feature extraction unit can extract spectrum signature from phase spectrum, identifying unit is according to the decision criteria in the database then, to compound document whether carry malicious code judge.Of paramount importance part is the formulation of decision criteria in the detection system of the present invention, and this link relates to the phase spectral analysis of generation, test, phase spectrum calculating and the control group of great amount of samples.Because the array configuration of the binary data of every kind of compound document is also different, so their phase spectrum characteristic difference is also very big, and then need set decision criteria separately to every kind of compound document.
Be used for phase spectrum feature that decision criteria formulates in the described compound document malicious code detection system and mainly comprise following one or more.
1) phase place whether evenly be distributed in the whole frequency range, cause PHASE DISTRIBUTION inhomogeneous thereby the phase spectrum of the compound document of the malicious code of general binding some pulses all can occur at last lower limb.
2) phase value of edge pulse about the phase spectrum, the coboundary of phase spectrum of for example having bound the PDF document of malicious code a phase place can occur greater than 0 ° spike pulse, and the coboundary of corresponding normal document is more smooth, and PHASE DISTRIBUTION is substantially all below-30 °.
3) scope of whole PHASE DISTRIBUTION for example comprises the PHASE DISTRIBUTION of Word document of malicious code the chances are about the twice of corresponding normal document.
Decision criteria mainly is that the general difference by the normal document of more various Doctypes and sample files phase spectrum obtains, analyze this general difference, just need a large amount of control groups, at first to construct a large amount of various types of normal documents, use the Bind tool of corresponding document that various types of malicious codes are tied in the normal document then, like this each normal document with corresponding binding the sample files of malicious code just constituted one group of control group, here each sample files needs to verify, phase spectrum difference to every group of document is analyzed, and counts general difference then and makes decision criteria.In the formulation process of decision criteria, at not having one group of control group, again can different number of bits, sampling frequency, the algorithms of conversion, compare longitudinally then, find out and make the combination of the most tangible number of bits of control group feature difference, sampling frequency and algorithm.
Fig. 6 is a process flow diagram of showing the complete workflow of detection system.
As shown in Figure 6, after the compound document input, at first can calculate the MD5 value of compound document, judge that with this whether the document is tested, prevents the duplicate detection to same document.If do not detect, then data extractor begins to carry out data extract work, converts binary data to sequence of real numbers, according to sampling rate sequence of real numbers is sampled, and transfers to the phase place spectrogram that the phase spectrum maker generates document then.At first carry out feature extraction behind the phase place spectrogram that frequency spectrum analyser obtains generating, then according to the spectral characteristic of the characteristic information analysis phase spectrum that extracts, at last make final decision according to the decision criteria of the compound document of the respective type of storing in the database, the result is returned to management end.
As mentioned above, the present invention detects the malicious code of binding by the spectrum signature that generates and extract compound document, its advantage is: 1, the detected object specific aim is very strong, the decision criteria of every kind of document is formulated by sample analysis independently, and the detection accuracy rate of system is high more a lot of than the detection accuracy rate of traditional detection technique like this; 2, the detection technique of this system does not need parse documents, the safety of protection system data and user data so effectively in testing process; 3, the formulation of decision criteria is based on the phase spectrum difference of binary data, gets by lot of data contrast and statistics, therefore can detect some effectively at the code of walking around of some protection mechanism, reduces rate of failing to report.4, detection method of the present invention is different from traditional Static Detection and detection of dynamic, by analysis spectrum, can detect unknown malicious code.
Although described the preferred embodiments of the present invention for purposes of illustration, those skilled in the art will understand, and under the situation that does not break away from the of the present invention scope and spirit disclosed as appended claims, various modifications, increase and replacement all are possible.
Claims (9)
1. the compound document malicious code detection technique based on spectrum analysis is characterized in that described method comprises the steps:
A, the phase spectrum of a large amount of normal compound documents and corresponding sample document is compared analysis, draw general difference, make decision criteria;
B, data extractor are carried out the system conversion to the binary data of compound document, are converted into sequence of real numbers;
C, phase spectrum maker carry out conversion such as Fourier to the data of compound document, and draw the phase spectrum of compound document;
D, frequency spectrum analyser extract the feature of phase spectrum;
E, frequency spectrum analyser detect according to the phase spectrum feature of decision criteria and the compound document that extracts.
2. a kind of compound document malicious code detection technique based on spectrum analysis according to claim 1 is characterized in that described steps A further comprises the steps:
A1, design contrast experiment design different contrast experiment's combinations according to kind, the kind of compound document, the type of mapping algorithm, the scale-of-two of binding malicious code to different situations such as sequence of real numbers conversion method, sampling frequencys;
A2, the sample in the combination is carried out corresponding conversion, generate the phase spectrum of sample;
A3, the sample phase spectrum that generates in the A2 step is analyzed, seeks the general difference between normal sample and extension horse sample, make the decision criteria of every kind of situation then.
3. a kind of compound document malicious code detection technique based on spectrum analysis according to claim 2 is characterized in that the different situations described in the steps A 1 specifically refer to:
The kind of malicious code has downloader code, keyboard record code, modification registry entry code, password to send code, uplink data code, pop-up window code etc.; The kind of compound document has the document of office series office documents Word, Excel, PowerPoint and PDF etc.; Mapping algorithm has FFT fast fourier transform algorithm, Wavelet Transformation Algorithm etc.; It is that a unit changes to sequence of real numbers with 2,3,4,5,6,7,8,16 bits respectively that scale-of-two has to the kind of the conversion method of sequence of real numbers; Sampling frequency refers to how many positions to carry out single sample every in the whole sequence of real numbers that generate; Unique difference of every group of experiment combination is that document is clean or has bound the malicious code of a certain type, and other restrictive condition all is identical as mapping algorithm, document format, sampling rate etc.
4. a kind of compound document malicious code detection technique based on spectrum analysis according to claim 2 is characterized in that the decision criteria described in the steps A 3 specifically refers to:
Judge whether a compound document binds the feature on the phase spectrum of malicious code, each bar decision criteria all detailed regulation its at the judgement object, as the decision criteria at word document binding keyboard record malicious code, each bar decision criteria has other qualifications, is applicable to that as certain bar decision criteria adopting 4 bits is that a unit carries out scale-of-two to the phase spectrum of the conversion of sequence of real numbers, gross sample, the generation of employing fft algorithm.
5. a kind of compound document malicious code detection technique based on spectrum analysis according to claim 1 is characterized in that described step B further comprises the steps:
B1, compound document is read in internal memory, judge the type of document according to the zone bit of fixed position;
B2, according to the type of document, document is carried out data separating, extract the data division of fixed field;
B3, the data division that extracts is carried out system conversion, according to transferring the binary data grouping to sequence of real numbers described in the claim 3.
6. a kind of compound document malicious code detection technique based on spectrum analysis according to claim 1 is characterized in that described step C further comprises the steps:
The phase spectrum maker receives from behind the sequence of real numbers after the conversion among the step B,
C1, with sequence of real numbers as dependent variable, real number sequence of positions hereof is as the time independent variable, the function on the structure time domain;
C2, to the structure function carry out Fast Fourier Transform (FFT) or wavelet transformation, obtain it in the expression of frequency domain;
C3, draw the phase place spectrogram of compound document according to transformation results, with data visualization.
7. a kind of compound document malicious code detection technique based on spectrum analysis according to claim 1 is characterized in that the phase spectrum feature described in the step D specifically comprises the following aspects:
Feature on D1, the phase spectrum uniformity coefficient;
The feature in D2, phase spectrum PHASE DISTRIBUTION interval;
The feature of D3, phase spectrum distribution frequency domain scope.
8. compound document malicious code detection system based on spectrum analysis is characterized in that described system comprises:
F, management end
G, data extractor
H, phase spectrum maker
I, frequency spectrum analyser
It is characterized in that described system also comprises
F1, logic control element for the operation logic of control total system, are realized cooperatively interacting between system's each several part;
F2, database management unit are used for the management maintenance database;
F3, policy configurations unit for the various policy configurations information of management system testing process, support logic control element to the control work of total system operation;
The F4 user interface elements is used for finishing the mutual of system and user, and the user checks testing result and change system configuration information by this unit;
I1, feature extraction unit are for the characteristic information that extracts the compound document phase place spectrogram that generates;
I2, criterion maintenance unit are used for the criterion of maintenance system;
I3, identifying unit are used for according to characteristic information and the criterion of extracting compound document being judged judge whether it binds malicious code, and the malicious code of having bound which kind of type.
9. compound document malicious code detection system based on spectrum analysis, it is characterized in that, described F management end can be to detected document calculations MD5 value, its testing result is carried out record, when new document is detected, at first counter MD5 value judges whether to detect, and avoids duplicate detection.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310224569.1A CN103294954B (en) | 2013-06-07 | 2013-06-07 | A kind of compound document malicious code detecting method based on spectrum analysis and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310224569.1A CN103294954B (en) | 2013-06-07 | 2013-06-07 | A kind of compound document malicious code detecting method based on spectrum analysis and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103294954A true CN103294954A (en) | 2013-09-11 |
| CN103294954B CN103294954B (en) | 2015-12-02 |
Family
ID=49095796
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310224569.1A Expired - Fee Related CN103294954B (en) | 2013-06-07 | 2013-06-07 | A kind of compound document malicious code detecting method based on spectrum analysis and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103294954B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105488408A (en) * | 2014-12-31 | 2016-04-13 | 中国信息安全认证中心 | Identification method and system of malicious sample type on the basis of characteristics |
| WO2019216502A1 (en) * | 2018-05-09 | 2019-11-14 | 국방과학연구소 | Apparatus and method for classifying malicious code data |
| CN110619216A (en) * | 2019-09-17 | 2019-12-27 | 武汉思普崚技术有限公司 | Malicious software detection method and system for adversarial network |
| CN113645787A (en) * | 2021-08-11 | 2021-11-12 | 浙江树人学院(浙江树人大学) | Self-service platform based on code analysis and detection |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007100916A2 (en) * | 2006-02-28 | 2007-09-07 | The Trustees Of Columbia University In The City Of New York | Systems, methods, and media for outputting a dataset based upon anomaly detection |
| CN101459445A (en) * | 2008-12-29 | 2009-06-17 | 浙江大学 | Cooperative spectrum sensing method in cognitive radio system |
| US8370938B1 (en) * | 2009-04-25 | 2013-02-05 | Dasient, Inc. | Mitigating malware |
-
2013
- 2013-06-07 CN CN201310224569.1A patent/CN103294954B/en not_active Expired - Fee Related
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007100916A2 (en) * | 2006-02-28 | 2007-09-07 | The Trustees Of Columbia University In The City Of New York | Systems, methods, and media for outputting a dataset based upon anomaly detection |
| WO2007100916A3 (en) * | 2006-02-28 | 2008-04-24 | Univ Columbia | Systems, methods, and media for outputting a dataset based upon anomaly detection |
| CN101459445A (en) * | 2008-12-29 | 2009-06-17 | 浙江大学 | Cooperative spectrum sensing method in cognitive radio system |
| US8370938B1 (en) * | 2009-04-25 | 2013-02-05 | Dasient, Inc. | Mitigating malware |
Non-Patent Citations (1)
| Title |
|---|
| 白金荣等: "基于ELF静态结构特征的恶意软件检测方法", 《四川大学学报(工程科学版)》 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105488408A (en) * | 2014-12-31 | 2016-04-13 | 中国信息安全认证中心 | Identification method and system of malicious sample type on the basis of characteristics |
| WO2019216502A1 (en) * | 2018-05-09 | 2019-11-14 | 국방과학연구소 | Apparatus and method for classifying malicious code data |
| CN110619216A (en) * | 2019-09-17 | 2019-12-27 | 武汉思普崚技术有限公司 | Malicious software detection method and system for adversarial network |
| CN110619216B (en) * | 2019-09-17 | 2021-09-03 | 武汉思普崚技术有限公司 | Malicious software detection method and system for adversarial network |
| CN113645787A (en) * | 2021-08-11 | 2021-11-12 | 浙江树人学院(浙江树人大学) | Self-service platform based on code analysis and detection |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103294954B (en) | 2015-12-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Dias Neto et al. | A survey on model-based testing approaches: a systematic review | |
| CN101266550B (en) | Malicious code detection method | |
| US20120159625A1 (en) | Malicious code detection and classification system using string comparison and method thereof | |
| US11405416B2 (en) | Method and device for identifying security threats, storage medium, processor and terminal | |
| CN108062477A (en) | Hardware Trojan horse detection method based on side Multiple Channel Analysis | |
| CN109583194A (en) | The system and method for popularization degree detection anomalous event for the convolution based on event | |
| CN103294954B (en) | A kind of compound document malicious code detecting method based on spectrum analysis and system | |
| CN103559185B (en) | Test data document resolves storage method | |
| CN101883024A (en) | Dynamic detection method for cross-site forged request | |
| RU2722692C1 (en) | Method and system for detecting malicious files in a non-isolated medium | |
| CN101794224A (en) | Software run-time property monitoring method based on property specification mode | |
| CN108255837A (en) | A kind of SQL resolvers and method | |
| CN103176924A (en) | Output device, log collecting method for output device, and storage medium | |
| CN103049361A (en) | FPGA (Field Programmable Gata Array) with embedded logical analysis function and logical analysis system | |
| KR101266930B1 (en) | A visualization system for Forensics audit data | |
| US10121150B2 (en) | Compliance as a service for an organization | |
| CN114325405A (en) | Battery pack consistency analysis method, modeling method, device, equipment and medium | |
| CN104063245A (en) | Memory analysis and optimization method and system based on garbage collection | |
| Petrov et al. | Large-scale content profiling for preservation analysis | |
| CN103617122A (en) | Comparison method for source codes | |
| CN104574179A (en) | Double-check verification system and double-check verification method for bank card capital settlement platform | |
| McCamish et al. | A backend framework for the efficient management of power system measurements | |
| Reuther et al. | Managing the quality of person names in DBLP | |
| CN103678111A (en) | Evaluation method and evaluation device for similarity of source codes | |
| CN104794397B (en) | Virus detection method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20151202 Termination date: 20210607 |