Virus feature extraction method and system, storage medium and terminal

Virus feature extraction method and system, storage medium and terminal

The invention provides a virus feature extraction method. The method comprises the following steps: acquiring a virus file; disassembling suspected files in the virus files according to a disassembling unit, and performing security verification on the residual virus files obtained by disassembling;...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: WEI KAIZHI, GUAN ENYANG, LIANG WENXIANG
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention provides a virus feature extraction method. The method comprises the following steps: acquiring a virus file; disassembling suspected files in the virus files according to a disassembling unit, and performing security verification on the residual virus files obtained by disassembling; if the security verification is passed, switching the disassembly position of the suspected file, updating the disassembly unit, and performing disassembly and security verification according to the updated disassembly unit; if the security verification is not passed, taking the residual virus file as a suspected file, and carrying out disassembly and security verification; and if the disassembly unit is a single byte and the safety verification of the residual virus file is not passed, taking the residual virus file as a virus feature. According to the invention, the virus file can be automatically and repeatedly disassembled in combination with the security verification result to extract the virus characteristics