Title:
METHOD AND DEVICE FOR DETECTING VIRUS, AND STORAGE MEDIUM
Document Type and Number:
WIPO Patent Application WO/2018/121464
Kind Code:
A1
Abstract:
A method for detecting a virus, comprising: disassembling a sample to be tested to obtain a control flow graph corresponding to a disassembled function (S200); encoding each control flow graph separately to generate an identifier corresponding to each control flow graph (S202), different control flow graphs corresponding to different identifiers; collecting the identifiers corresponding to all control flow graphs to generate a feature of the sample to be tested (S204); matching the feature of the sample to be tested with features in a virus signature database (S206); if the feature of the sample to be tested matches a feature in the virus signature database successfully, determining that the sample to be tested is a malicious sample (S208). Also involved is a device for detecting a virus, and a storage medium.
More Like This:
| JP2009181361 | DATA PROCESSOR |
| WO/2022/246134 | REAL TIME THREAT KNOWLEDGE GRAPH |
| WO/2023/177020 | DEOBFUSCATION APPARATUS FOR DATA FLOW ANALYSIS OF OBFUSCATED APPLICATION, AND METHOD THEREFOR |
Inventors:
LUO YUANHAI (CN)
Application Number:
PCT/CN2017/118195
Publication Date:
July 05, 2018
Filing Date:
December 25, 2017
Export Citation:
Assignee:
TENCENT TECH SHENZHEN CO LTD (CN)
International Classes:
G06F21/56
Foreign References:
| CN106709350A | 2017-05-24 | |||
| CN104021346A | 2014-09-03 | |||
| CN104318161A | 2015-01-28 | |||
| CN106162648A | 2016-11-23 |
Other References:
JIANMIN ET AL., TECHNOLOGY OF COMPILING AND DECOMPILING, 30 April 2016 (2016-04-30), pages 362
Attorney, Agent or Firm:
CHINA PAT INTELLECTUAL PROPERTY OFFICE (CN)
Download PDF:
Previous Patent: SYSTEMS AND METHODS FOR INTERACTION WITH AN APPLICATION
Next Patent: DIPHOSPHINO METALLIC COMPLEXES, METHODS OF MAKING AND USING
Next Patent: DIPHOSPHINO METALLIC COMPLEXES, METHODS OF MAKING AND USING