MALICIOUS PROCESS DETECTION METHOD AND APPARATUS, ELECTRONIC DEVICE, AND STORAGE MEDIUM

Abstract

Embodiments of the present application relate to the technical field of network security and disclose a malicious process detection method and apparatus, an electronic device, and a storage medium. The method comprises: obtaining a target process that requests a network connection; obtaining a system call operation of the target process; and, if the system call operation matches a target system call operation, determining that the target process is a malicious process. In these embodiments, the target process is first identified according to whether it has a network connection to the outside, and whether it is malicious is then determined from its system call operations. As a result, malicious processes established by a system command interpreter can be detected, as can malicious processes that are not established according to system rules, which greatly reduces the rate of missed malicious processes and makes detection more effective.