Title:
METHOD, APPARATUS AND SYSTEM FOR DETECTING SECURITY CONDITIONS OF TERMINAL
Document Type and Number:
WIPO Patent Application WO/2017/107616
Kind Code:
A1
Abstract:
A method, apparatus and system for detecting security conditions of a terminal. The method comprises: a security defence device receiving a file and executing the file to generate a dynamic behaviour result, wherein the dynamic behaviour result contains a behaviour sequence formed according to a behaviour occurrence time sequence; where the file contains an APT, the security defence device acquiring a stable behaviour feature from the dynamic behaviour result, generating a corresponding IOC according to the stable behaviour feature and sending same to a terminal, wherein the stable behaviour feature refers to a behaviour that appears in a behaviour sequence generated after each time the file is executed. By means of the solution provided in the present application, it can be detected whether there is a user infected with an APT inside a network and which user is infected with an APT.
Inventors:
GAN YONGCUN (CN)
Application Number:
PCT/CN2016/101263
Publication Date:
June 29, 2017
Filing Date:
September 30, 2016
Export Citation:
Assignee:
HUAWEI TECH CO LTD (CN)
International Classes:
H04L29/06
Foreign References:
CN102457495A | 2012-05-16 | |||
CN103051627A | 2013-04-17 | |||
CN102970309A | 2013-03-13 | |||
CN101572691A | 2009-11-04 | |||
US20060259967A1 | 2006-11-16 |
Other References:
See also references of EP 3288231A4
Download PDF:
Previous Patent: ANTENNA ASSEMBLY AND ELECTRONIC DEVICE
Next Patent: INTERFACE DISPLAY METHOD AND DEVICE
Next Patent: INTERFACE DISPLAY METHOD AND DEVICE