Malicious application program detection method and device, electronic device and readable storage medium
Embodiments of the invention provide a malicious application detection method and device, an electronic device and a readable storage medium. The method comprises the steps of determining a memory region corresponding to a kernel module in a target device as a to-be-detected memory region; determini...
Saved in:
Main Author | |
---|---|
Format | Patent |
Language | Chinese English |
Published |
08.09.2020
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Embodiments of the invention provide a malicious application detection method and device, an electronic device and a readable storage medium. The method comprises the steps of determining a memory region corresponding to a kernel module in a target device as a to-be-detected memory region; determining a kernel module pointed by the memory data in the to-be-detected memory region as a to-be-detected kernel module; and determining whether a malicious application exists in the target device based on the to-be-detected kernel module. Based on the processing, the detection precision of the malicious application program can be improved.
本申请实施例提供了一种恶意应用程序检测方法、装置、电子设备及可读存储介质,确定目标设备中内核模块对应的内存区域,作为待检测内存区域;确定待检测内存区域中的内存数据所指向的内核模块,作为待检测内核模块;基于待检测内核模块,确定目标设备中是否存在恶意应用程序。基于上述处理,能够提高恶意应用程序的检测精度。 |
---|---|
Bibliography: | Application Number: CN202010467743 |