[go: up one dir, main page]

SG10201710656YA - Program, information processing apparatus and method - Google Patents

Program, information processing apparatus and method

Info

Publication number
SG10201710656YA
SG10201710656YA SG10201710656YA SG10201710656YA SG10201710656YA SG 10201710656Y A SG10201710656Y A SG 10201710656YA SG 10201710656Y A SG10201710656Y A SG 10201710656YA SG 10201710656Y A SG10201710656Y A SG 10201710656YA SG 10201710656Y A SG10201710656Y A SG 10201710656YA
Authority
SG
Singapore
Prior art keywords
program
api call
information
processing apparatus
information processing
Prior art date
Application number
SG10201710656YA
Inventor
Yoshimura Kunihiko
SATOMI Toshitaka
Masuoka Ryusuke
Original Assignee
Fujitsu Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujitsu Ltd filed Critical Fujitsu Ltd
Publication of SG10201710656YA publication Critical patent/SG10201710656YA/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Prevention of errors by analysis, debugging or testing of software
    • G06F11/362Debugging of software
    • G06F11/3636Debugging of software by tracing the execution of the program
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Stored Programmes (AREA)

Abstract

PROGRAM, INFORMATION PROCESSING APPARATUS AND METHOD A program that causes an information processing apparatus to execute a process, the process includes executing a first program and a second program using a system including a kernel of an OS, acquiring first information regarding a first API call and second information regarding a second API call, executing a similarity judgment process in which a similarity between the first program and the second program is judged, wherein the first information is information indicating at least one of a type of the first API call, the number of executions of the first API call, and a call order of the first API call, the second information includes at least one of a type of the second API call, the second information includes the number of executions of the second API call, and a call order of the second API cal. FIG. 1
SG10201710656YA 2017-01-05 2017-12-21 Program, information processing apparatus and method SG10201710656YA (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2017000751A JP2018109910A (en) 2017-01-05 2017-01-05 Similarity determination program, similarity determination method, and information processing apparatus

Publications (1)

Publication Number Publication Date
SG10201710656YA true SG10201710656YA (en) 2018-08-30

Family

ID=60781718

Family Applications (1)

Application Number Title Priority Date Filing Date
SG10201710656YA SG10201710656YA (en) 2017-01-05 2017-12-21 Program, information processing apparatus and method

Country Status (4)

Country Link
US (1) US11036564B2 (en)
EP (1) EP3346408A1 (en)
JP (1) JP2018109910A (en)
SG (1) SG10201710656YA (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11163620B2 (en) * 2019-05-20 2021-11-02 Fujitsu Limited Predicting API endpoint descriptions from API documentation
US20230094066A1 (en) * 2021-09-30 2023-03-30 Cyberark Software Ltd. Computer-implemented systems and methods for application identification and authentication
US20230101198A1 (en) * 2021-09-30 2023-03-30 Cyberark Software Ltd. Computer-implemented systems and methods for application identification and authentication
CN117235686B (en) * 2023-10-30 2024-01-30 杭州海康威视数字技术股份有限公司 Data protection method, device and equipment

Family Cites Families (55)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7093239B1 (en) 2000-07-14 2006-08-15 Internet Security Systems, Inc. Computer immune system and method for detecting unwanted code in a computer system
US7487544B2 (en) 2001-07-30 2009-02-03 The Trustees Of Columbia University In The City Of New York System and methods for detection of new malicious executables
US6792543B2 (en) 2001-08-01 2004-09-14 Networks Associates Technology, Inc. Virus scanning on thin client devices using programmable assembly language
US7549164B2 (en) * 2003-06-11 2009-06-16 Symantec Corporation Intrustion protection system utilizing layers and triggers
US7000150B1 (en) * 2002-06-12 2006-02-14 Microsoft Corporation Platform for computer process monitoring
US7185320B2 (en) * 2003-06-27 2007-02-27 Hewlett-Packard Development Company, L.P. System and method for processing breakpoint events in a child process generated by a parent process
US7415699B2 (en) * 2003-06-27 2008-08-19 Hewlett-Packard Development Company, L.P. Method and apparatus for controlling execution of a child process generated by a modified parent process
US7353498B2 (en) * 2004-04-29 2008-04-01 Hewlett-Packard Development Company, L.P. Multi-process debugger
US20050273858A1 (en) * 2004-06-07 2005-12-08 Erez Zadok Stackable file systems and methods thereof
US7735138B2 (en) 2005-01-14 2010-06-08 Trend Micro Incorporated Method and apparatus for performing antivirus tasks in a mobile wireless device
US8312545B2 (en) 2006-04-06 2012-11-13 Juniper Networks, Inc. Non-signature malware detection system and method for mobile platforms
JP5083760B2 (en) 2007-08-03 2012-11-28 独立行政法人情報通信研究機構 Malware similarity inspection method and apparatus
KR101193728B1 (en) 2007-12-05 2012-10-22 시바우라 메카트로닉스 가부시키가이샤 Feature analyzing apparatus
JP2010009269A (en) 2008-06-26 2010-01-14 Iwate Univ Computer virus detection device, computer virus detection method and computer virus detection program
US20110041179A1 (en) 2009-08-11 2011-02-17 F-Secure Oyj Malware detection
KR101057432B1 (en) * 2010-02-23 2011-08-22 주식회사 이세정보 Systems, methods, programs and recording media that detect and block harmful programs in real time through analysis of process behavior
JP2011258019A (en) 2010-06-09 2011-12-22 Nippon Telegr & Teleph Corp <Ntt> Abnormality detection device, abnormality detection program and abnormality detection method
JP5437964B2 (en) 2010-10-06 2014-03-12 日本電信電話株式会社 Analysis method, analysis apparatus, and analysis program
US20120102569A1 (en) 2010-10-21 2012-04-26 F-Secure Corporation Computer system analysis method and apparatus
US8555385B1 (en) * 2011-03-14 2013-10-08 Symantec Corporation Techniques for behavior based malware analysis
US9652616B1 (en) * 2011-03-14 2017-05-16 Symantec Corporation Techniques for classifying non-process threats
JP5665188B2 (en) * 2011-03-31 2015-02-04 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation System for inspecting information processing equipment to which software update is applied
US8806641B1 (en) 2011-11-15 2014-08-12 Symantec Corporation Systems and methods for detecting malware variants
US9558348B1 (en) * 2012-03-01 2017-01-31 Mcafee, Inc. Ranking software applications by combining reputation and code similarity
US9021589B2 (en) * 2012-06-05 2015-04-28 Los Alamos National Security, Llc Integrating multiple data sources for malware classification
JP6590481B2 (en) * 2012-12-07 2019-10-16 キヤノン電子株式会社 Virus intrusion route specifying device, virus intrusion route specifying method and program
US9448859B2 (en) * 2013-09-17 2016-09-20 Qualcomm Incorporated Exploiting hot application programming interfaces (APIs) and action patterns for efficient storage of API logs on mobile devices for behavioral analysis
US10666677B2 (en) * 2013-09-23 2020-05-26 New York University System, method and computer-accessible medium for deterrence of malware
JP6000465B2 (en) 2013-09-25 2016-09-28 三菱電機株式会社 Process inspection apparatus, process inspection program, and process inspection method
US9489514B2 (en) 2013-10-11 2016-11-08 Verisign, Inc. Classifying malware by order of network behavior artifacts
EP3087475A4 (en) * 2013-12-26 2017-07-19 McAfee, Inc. Generic unpacking of program binaries
US20150205962A1 (en) * 2014-01-23 2015-07-23 Cylent Systems, Inc. Behavioral analytics driven host-based malicious behavior and data exfiltration disruption
US8930916B1 (en) * 2014-01-31 2015-01-06 Cylance Inc. Generation of API call graphs from static disassembly
JP6174520B2 (en) * 2014-05-22 2017-08-02 日本電信電話株式会社 Malignant communication pattern detection device, malignant communication pattern detection method, and malignant communication pattern detection program
JP6459289B2 (en) * 2014-08-07 2019-01-30 日本電気株式会社 Malware estimation apparatus, malware estimation method, and malware estimation program
KR101620931B1 (en) * 2014-09-04 2016-05-13 한국전자통신연구원 Similar malicious code retrieval apparatus and method based on malicious code feature information
US10043009B2 (en) 2014-09-24 2018-08-07 Intel Corporation Technologies for software basic block similarity analysis
US20160094564A1 (en) 2014-09-26 2016-03-31 Mcafee, Inc Taxonomic malware detection and mitigation
JP6282217B2 (en) 2014-11-25 2018-02-21 株式会社日立システムズ Anti-malware system and anti-malware method
EP3227820A1 (en) 2014-12-05 2017-10-11 Permissionbit Methods and systems for encoding computer processes for malware deteection
CN105989283B (en) * 2015-02-06 2019-08-09 阿里巴巴集团控股有限公司 A kind of method and device identifying virus mutation
JP2016206950A (en) * 2015-04-22 2016-12-08 日本電信電話株式会社 Perusal training data output device for malware determination, malware determination system, malware determination method, and perusal training data output program for malware determination
US20160379136A1 (en) * 2015-06-26 2016-12-29 Qualcomm Incorporated Methods and Systems for Automatic Extraction of Behavioral Features from Mobile Applications
US10230749B1 (en) * 2016-02-29 2019-03-12 Palo Alto Networks, Inc. Automatically grouping malware based on artifacts
US10200390B2 (en) * 2016-02-29 2019-02-05 Palo Alto Networks, Inc. Automatically determining whether malware samples are similar
US9917855B1 (en) * 2016-03-03 2018-03-13 Trend Micro Incorporated Mixed analysys-based virtual machine sandbox
US20170308701A1 (en) * 2016-04-22 2017-10-26 Qualcomm Incorporated Methods and Systems for Intelligently Detecting Malware and Attacks on Client Computing Devices and Corporate Networks
RU2634177C1 (en) * 2016-05-20 2017-10-24 Акционерное общество "Лаборатория Касперского" System and method for unwanted software detection
WO2018006241A1 (en) * 2016-07-04 2018-01-11 Mcafee, Inc. Method and apparatus to detect security vulnerabilities in web application
CN106599686B (en) 2016-10-12 2019-06-21 四川大学 A Malware Clustering Method Based on TLSH Feature Representation
JP6104447B1 (en) * 2016-10-31 2017-03-29 株式会社ソリトンシステムズ Program operation monitoring control device, distributed object generation management device, program, and program operation monitoring system
US9804952B1 (en) * 2016-11-07 2017-10-31 Red Hat, Inc. Application debugging in a restricted container environment
US10552609B2 (en) * 2016-12-30 2020-02-04 Intel Corporation Malicious object detection in a runtime environment
US10169586B2 (en) * 2016-12-31 2019-01-01 Fortinet, Inc. Ransomware detection and damage mitigation
US10645099B1 (en) * 2017-09-01 2020-05-05 Ca, Inc. Malware detection facilitated by copying a memory range from an emulator for analysis and signature generation

Also Published As

Publication number Publication date
JP2018109910A (en) 2018-07-12
EP3346408A1 (en) 2018-07-11
US20180189116A1 (en) 2018-07-05
US11036564B2 (en) 2021-06-15

Similar Documents

Publication Publication Date Title
PH12019501795B1 (en) Method and apparatus for writing service data into block chain and method for determining service subset
SG10201710656YA (en) Program, information processing apparatus and method
MY190598A (en) Blockchain data processing method and apparatus
IN2015CH04673A (en)
SG10201901732UA (en) Sensitive information processing method, device, server and security determination system
MY192409A (en) Business processing method and apparatus
MY186956A (en) Headless task completion within digital personal assistants
WO2019014523A8 (en) Systems and methods for automated decentralized multilateral transaction processing
SG10201710531VA (en) Program, information processing apparatus and method
MX358805B (en) Method and apparatus for processing application program package.
MX364614B (en) Short message reading method and device.
EP4220399A3 (en) Dynamic reconfiguration of applications on a multi-processor embedded system
MX363112B (en) Information processing method and device.
EP3471089A4 (en) ACOUSTIC PROCESSING DEVICE, ACOUSTIC PROCESSING METHOD, AND COMPUTER PROGRAM
GB2562014A (en) Prioritization of transactions
MY188875A (en) Terminal application process management method and apparatus
PH12018500868A1 (en) Method, system, and device for process triggering
GB2547755A (en) System and method for providing contextual analytics data
WO2019126797A3 (en) System and method for executing instructions
GB2543437A (en) System and method for increasing the bit depth of images
SG10201710658XA (en) Program, information processing apparatus and method
IN2014CH00923A (en)
MY188636A (en) Application program data processing method and device
MX384511B (en) RECEIVING APPARATUS, SENDING APPARATUS AND DATA PROCESSING METHOD.
GB2578369B (en) Information processing device, method therefor and computer program