Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Block-based virus detection method in P2P (peer-to-peer) network

A P2P network and virus detection technology, applied in the field of virus detection under the P2P network environment, can solve problems such as troubles, prone to false detection, and updates

Inactive Publication Date: 2012-03-21
TIANJIN UNIV
View PDF2 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The virus detection technology based on the signature code is efficient and accurate, but the disadvantage is that as long as the individual worms are slightly mutated, this method often loses its effectiveness, and the signature database needs to be updated regularly
However, this method still has the following disadvantages: ① Whether the honeypot can deceive network worms depends on a large number of factors, including the naming of the honeypot, the location of the honeypot in the network, and the reliability of the honeypot itself; Network worms with a large number of scanning behaviors (random scanning, sequential scanning, etc.) are found, but the network worms for routing scanning and DNS scanning are not effective; ③ honeypots rarely play a role in the early stages of network worm propagation
The latter two virus detection methods are not well applied when detecting viruses in P2P networks, and are prone to false detections, causing troubles
[0014] Among them, the traffic-based detection method utilizes statistical laws to detect abnormal network traffic in the network, so as to judge that there may be viruses or worms. In the P2P network, traffic surges or sudden drops often occur. Virus outbreak will seriously affect the work of P2P software

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Block-based virus detection method in P2P (peer-to-peer) network
  • Block-based virus detection method in P2P (peer-to-peer) network
  • Block-based virus detection method in P2P (peer-to-peer) network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] Such as figure 1 As shown, the block-based virus detection in the P2P network of the present invention includes three main modules: a network card packet capture module, a data packet preprocessing module and a P2P virus detection module. The main function of the network card packet capture module is to capture network data packets through the local network card. The network data packets to be captured are P2P network data packets with p2p network packet feature codes, and the source address, destination address, Source port, destination port and other options for preliminary filtering.

[0034] The main function of the data packet preprocessing module is to preprocess the unprocessed P2P network data packet information captured from the network card, so that the data packet information can be used for virus detection. This is a relatively cumbersome but also relatively important link. Whether the application layer data can be obtained is the key to the next step of de...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of network virus detection and discloses a block-based virus detection method in a P2P (peer-to-peer) network. The method comprises the following steps: a step (1): locally performing network p2p data packet capture through a network card and performing preliminary filtration according to Winpcap (windows packet capture); a step (2): performing pretreatment on P2P network data packet information obtained by capture from the network card in the step (1), and enabling the data packet information to be used for virus detection; and a step (3): detecting whether data information after treatment contains virus or not, and detecting whether the data information in the p2p data packet information of an application layer, which is obtained after treatment in the step (2), contains the virus or not according to virus characteristic codes in a virus library. Compared with the prior art, by adopting the method, the missing detection situation caused by negligence of P2P characteristics and the P2P transmission file mechanism of existing detection software can be avoided.

Description

technical field [0001] The invention relates to the technical field of network virus detection, in particular to a virus detection method in a P2P network environment. Background technique [0002] Compared with the C / S structure in the traditional network, the P2P network is a brand-new change. Today, with the rapid growth of the number of users, P2P is widely used in the fields of Internet TV, distributed computing, network database, and resource sharing. Gradually popularized and applied. The network security issues in P2P have some commonalities with ordinary network security, and also have some characteristics of their own. Only by conducting targeted research on the network security of P2P network structures can we effectively resist attacks against P2P network structures. [0003] However, well-known anti-virus software such as Norton and Kaspersky can successfully detect viruses and worms spreading in the network, but cannot detect viruses spreading in P2P, because ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/08H04L12/26
Inventor 张冰怡齐彦君
Owner TIANJIN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com