Patent · US Active

Method, server, and computer storage medium for identifying virus-containing files

US11163877B2 · kind B2 · utility

0Cited by

15References

17Claims

0Family size

Assignee

TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED · CN

Inventors

Shujie Lin · Edison, US
Yi-Ping Yang · Taipei, TW
Luxin LI · Nanhu, CN
Tao Yu · Beijing, CN

Key dates

Filing date	Sep 11, 2017
Grant date	Nov 2, 2021
Priority date	—
Expiry date	Jun 3, 2038

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/033
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

The present disclosure discloses an information processing method, including the steps of acquiring at least one executable file of a specified type; extracting a first operation instruction from the at least one executable file of the specified type; determining the first operation instruction as a feature instruction if a preset policy is met; extracting a feature value of the feature instruction; constructing a virus classification model based on the feature value of the feature instruction for obtaining a virus structural feature parameter; extracting a second operation instruction from at least one to-be-analyzed file when the at least one to-be-analyzed file is identified according to the virus classification model; and identifying the to-be-analyzed file as a virus file if the feature value of the second operation instruction corresponds to the virus structural feature parameter.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.