Method and device for processing file based on cloud security

A file processing and security technology, applied in the field of information security, can solve problems such as the inability to detect and kill malicious programs, and the widespread spread of malicious programs

Active Publication Date: 2013-09-04
BEIJING HONGTENG INTELLIGENT TECH CO LTD
View PDF6 Cites 33 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in the process of upgrading security software, malicious programs have spread widely
It can be seen that the methods in the prior art cannot detect and kill malicious programs in a timely manner.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for processing file based on cloud security
  • Method and device for processing file based on cloud security
  • Method and device for processing file based on cloud security

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0100] figure 1 Shows a flow chart of a file processing method based on cloud security according to an embodiment of the present invention. In this method, the client for processing local programs is improved, and the method specifically includes steps S102 to S106.

[0101] S102: Generate a signature identifier uniquely corresponding to the unknown program file according to the signature related information of the unknown program file downloaded locally.

[0102] S104: Send a query request to the server to query whether the unknown program file is a malicious program. Wherein, the query request carries the signature identifier of the unknown program file and some or all of the file characteristics of the unknown program file.

[0103] Among them, the file feature in this embodiment may include the MD5 value and SHA1 value of the file, or a feature value calculated by extracting part of the content from the file. It can also include the DLL (Dynamic Link Library) information that t...

Embodiment 2

[0117] This embodiment is a specific application scenario of the first embodiment above. Through this embodiment, the method provided by the present invention can be explained more clearly and specifically.

[0118] image 3 Shows a flowchart of a file processing method based on cloud security according to an embodiment of the present invention. The method specifically includes steps S302 to S316.

[0119] S302: The client terminal generates a signature identifier uniquely corresponding to the unknown program file according to the signature related information of the unknown program file downloaded locally.

[0120] It should be noted that, in this embodiment, when the client executes the local program file, it will determine whether each program file is a locally known program file, so as to ensure the client's knowledge of the local program and also ensure the local program's safety. Among them, a program file list is stored in the client, and when the scanned program file is not...

Embodiment 3

[0152] Figure 4 Shows a structural block diagram of a cloud security-based file processing device according to an embodiment of the present invention. The device is executed in the client's engine. The unknown 0 of the device’s safety includes:

[0153] The generating module 410 is configured to generate a signature identifier uniquely corresponding to the unknown program file according to the signature related information of the unknown program file downloaded locally;

[0154] The query module 420, coupled with the above-mentioned generating module 410, is configured to send a query request to the server to query whether the unknown program file is a malicious program, wherein the query request carries the signature of the unknown program file and part or all of the unknown program file Document characteristics;

[0155] The processing module 430 is coupled with the above-mentioned generating module 420 and is configured to receive feedback messages from the server, and perform ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and device for processing a file based on cloud security. The method comprises the steps: generating a unique signature identification corresponding to an unknown program file according to signature relevant information of the locally-downloaded unknown program file; sending an inquiring request to a server-side, and inquiring whether the unknown program file is a rogue program or not, wherein the inquiring request carries the signature identification of the unknown program file and partial or whole file characteristics of the unknown program file; receiving feedback information coming from the server-side, and conducting subsequent processing on the unknown program file according to the feedback information, wherein the server-side generates the feedback information according to the signature identification and the file characteristics. By means of the method and device, the problem that a Trojan program is adopted to break the cloud searching and killing in the prior art is solved, meanwhile, time from finding the rogue program to searching and killing the rogue program can be shortened, the speed for striking a newly-generated rogue program is accelerated, the information storage content of the server is reduced, and accordingly the security of a client-side program is ensured.

Description

Technical field [0001] The invention relates to the field of information security, in particular to a file processing method and device based on cloud security. Background technique [0002] At present, with the continuous growth of malicious programs, the traditional anti-virus methods based on signature detection and regular update of the virus database can no longer cope with this situation. This has prompted a large number of clients to track and detect malicious programs in cloud security technology. Rise. [0003] Most of the cloud security technologies in the prior art use a combination of the client's local engine and the cloud security server side, and specifically check and kill malicious programs in the following ways: [0004] The client's local engine scans according to its built-in scanning location, and sends the unknown program file characteristics that cannot be recognized locally to the cloud security server. The cloud security server compares the received program ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L9/32G06F21/56
CPCH04L67/06H04L67/10H04L63/1416H04L63/145H04L67/01H04L63/1441
Inventor 孔庆龙姚彤张波刘智锋江爱军
Owner BEIJING HONGTENG INTELLIGENT TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products