Intelligent malicious program detection method, device and system based on hardware tracking technology

The invention discloses an intelligent malicious program detection method, device and system based on a hardware tracking technology, which can realize dynamic detection of malicious programs and perform deep learning processing by utilizing PT data during program operation, and the detection is eff...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	CHEN JIAQI, ZHANG BO, YING QIANJIN, LIU WENMAO, YU YULEI, TIAN DONGHAI
Format:	Patent
Sprache:	chi ; eng
Schlagworte:	CALCULATING COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS COMPUTING COUNTING ELECTRIC DIGITAL DATA PROCESSING HANDLING RECORD CARRIERS PHYSICS PRESENTATION OF DATA RECOGNITION OF DATA RECORD CARRIERS
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

Beschreibung
Zusammenfassung:	The invention discloses an intelligent malicious program detection method, device and system based on a hardware tracking technology, which can realize dynamic detection of malicious programs and perform deep learning processing by utilizing PT data during program operation, and the detection is efficient and accurate. The method comprises the steps of constructing a sample program for running in a virtual machine; sequentially running all the sample programs in the virtual machine, and capturing execution information of the sample programs by adopting an Intel PT mechanism to obtain a PT data packet sequence of the current sample program; storing the secure virtual machine snapshots, and recovering the secure virtual machine snapshots before execution of each sample program; carrying out pixelation processing on the PT data packet sequence corresponding to the sample program, and converting the PT data packet sequence into an RGB image, wherein each sample program corresponds to the RGB image and the label t