首页>
外国专利>
APPARATUS FOR PROCESSING CYBER THREAT INFORMATION, METHOD FOR PROCESSING CYBER THREAT INFORMATION, AND MEDIUM FOR STORING A PROGRAM PROCESSING CYBER THREAT INFORMATION
APPARATUS FOR PROCESSING CYBER THREAT INFORMATION, METHOD FOR PROCESSING CYBER THREAT INFORMATION, AND MEDIUM FOR STORING A PROGRAM PROCESSING CYBER THREAT INFORMATION
展开▼
机译:用于处理网络威胁信息的装置,用于处理网络威胁信息的方法,以及存储处理网络威胁信息的程序的媒介
展开▼
页面导航
摘要
著录项
相似文献
摘要
The disclosed embodiment provides a cyber threat information processing apparatus, a cyber threat information processing method, and a storage medium storing a cyber threat information processing program. As an embodiment of the present invention, the method comprising: disassembling an input executable file to obtain disassembled code, and reconstructing the disassembled code to obtain a reconstructed disassembled code; converting the reconstructed disassembled code into a hash function and converting the hash function into N-gram (N-gram, N is a natural number) data; and an identifier of an attack technique in which the block unit code performs the block unit code by performing ensemble machine learning on the block unit code of the converted N-gram data, and the block unit code. It is possible to provide a method for processing cyber security threat information, including a step of profiling with the generated attacker's identifier. According to the embodiment, it is possible to detect and respond to malicious code that does not exactly match the data learned by artificial intelligence, and to respond to a variant of the malicious code. method can be identified.
展开▼