Method, apparatus and device for extracting program derivatives in sandbox, and readable medium

Method, apparatus and device for extracting program derivatives in sandbox, and readable medium

The present invention provides a method, an apparatus and a device for extracting program derivatives in a sandbox, and a computer readable medium. The method comprises: an associating step of establishing an association relationship between a first file and a first backup file in a sandbox; a recor...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: WEI LIZHEN, QIU JIAN, LUO JIA, LIANG YULU, LIU XING, LIN GUIQI
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The present invention provides a method, an apparatus and a device for extracting program derivatives in a sandbox, and a computer readable medium. The method comprises: an associating step of establishing an association relationship between a first file and a first backup file in a sandbox; a recording step of recording in the first backup file according to an operation type of the first file, and modifying the reference count of the first file; and a program derivative extraction step of parsing the first backup file to restore the file content and the writing order each time before and after the program is written, analyzing an operation process performed by the program on the first file and obtaining the program derivatives. According to the technical scheme of the present invention, by establishing a data structure associating the file with the backup file, the file content and the writing order each time before and after the program is written can be extracted in the sandbox, that is, the entire content