| 发明名称 |
METHOD, APPARATUS AND TERMINAL FOR DETECTING A MALWARE FILE |
| 摘要 |
The present application discloses a method, an apparatus and a terminal for detecting a malware file. One embodiment of the method comprises: obtaining a file to be inspected; determining an entropy vector of the file; and inspecting the entropy vector of the file using a trained inspection model to determine if the file is a malware file, wherein a file type of the file is identical to the file type corresponding to the inspection model. This embodiment extracts the entropy vector of the file and determines if the file is a malware file based on the entropy vector of the file. Therefore, the technical problems existed in the art, such as a low speed, a poor capacity and a low efficiency of detecting and destroying the malware file, are addressed and the efficiency of detecting and destroying the malware file is enhanced. |
| 申请公布号 |
US2017004306(A1) |
申请公布日期 |
2017.01.05 |
| 申请号 |
US201514985944 |
申请日期 |
2015.12.31 |
| 申请人 |
iYuntian Co., Ltd. |
发明人 |
ZHANG Zhuang;ZHAO Changkun;CAO Liang;DONG Zhiqiang |
| 分类号 |
G06F21/56 |
主分类号 |
G06F21/56 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for detecting a malware file, comprising:
acquiring a file to be inspected; determining an entropy vector of the file; and inspecting, using a trained inspection model, the determined entropy vector of the file to ascertain whether the file is a malware file, wherein a file type of the file is identical to a model file type corresponding to the inspection model. |
| 地址 |
Beijing CN |
