Malicious application program detection method and device, electronic device and readable storage medium

Embodiments of the invention provide a malicious application detection method and device, an electronic device and a readable storage medium. The method comprises the steps of determining a memory region corresponding to a kernel module in a target device as a to-be-detected memory region; determini...

Full description

Saved in:
Bibliographic Details
Main Author MA XIXING
Format Patent
LanguageChinese
English
Published 08.09.2020
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online AccessGet full text

Cover

More Information
Summary:Embodiments of the invention provide a malicious application detection method and device, an electronic device and a readable storage medium. The method comprises the steps of determining a memory region corresponding to a kernel module in a target device as a to-be-detected memory region; determining a kernel module pointed by the memory data in the to-be-detected memory region as a to-be-detected kernel module; and determining whether a malicious application exists in the target device based on the to-be-detected kernel module. Based on the processing, the detection precision of the malicious application program can be improved. 本申请实施例提供了一种恶意应用程序检测方法、装置、电子设备及可读存储介质,确定目标设备中内核模块对应的内存区域,作为待检测内存区域;确定待检测内存区域中的内存数据所指向的内核模块,作为待检测内核模块;基于待检测内核模块,确定目标设备中是否存在恶意应用程序。基于上述处理,能够提高恶意应用程序的检测精度。
Bibliography:Application Number: CN202010467743