Data collection method and device based on API calling and storage equipment

The embodiment of the invention provides a data collection method and device based on API calling and storage equipment, and aims to solve the problem that malicious code data acquired by analysts is inaccurate if malicious codes use an anti-virtual machine technology. The method comprises the follow...

Bibliographic details
Main authors: LYU JINGXIANG, TONG ZHIMING, HE GONGDAO
Format: Patent
Language: chi ; eng
creator LYU JINGXIANG
TONG ZHIMING
HE GONGDAO
description The embodiment of the invention provides a data collection method and device based on API calling and storage equipment, and aims to solve the problem that malicious code data acquired by analysts is inaccurate if malicious codes use an anti-virtual machine technology. The method comprises the following steps: establishing an API attention list in a user machine, and marking recorded information for each API in the API attention list; monitoring an API calling condition in a user machine, and if the API in the API attention list is called, recording the information of the API according to the mark of the recorded information of the API; and arranging the recorded API information to generate an API data list, and uploading and storing the API data list.
format Patent
language chi ; eng
recordid cdi_epo_espacenet_CN111026599A
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
title Data collection method and device based on API calling and storage equipment
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-30T09%3A02%3A47IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=LYU%20JINGXIANG&rft.date=2020-04-17&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3ECN111026599A%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true