E-mail virus detection method and device based on attachment formats

A virus detection and file format technology, applied in electrical components, digital transmission systems, transmission systems, etc., can solve problems such as hysteresis, and achieve good detection rate, low false alarm rate, and high detection rate.

Inactive Publication Date: 2014-01-29
HARBIN ANTIY TECH
View PDF6 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

As we all know, traditional virus detection technology is based on signature detection, which has obvious lag, so it cannot solve this problem very well.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • E-mail virus detection method and device based on attachment formats
  • E-mail virus detection method and device based on attachment formats
  • E-mail virus detection method and device based on attachment formats

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the present invention more obvious and easy to understand, the technical solutions in the present invention will be further detailed below in conjunction with the accompanying drawings illustrate.

[0022] Such as figure 1 As shown, one of the method embodiments of the present invention, as shown in the figure:

[0023] S101: Obtain an email data stream from the network data stream, and acquire email attachment information from the email data stream;

[0024] It can be applied to devices such as gateways, and packet capture tools such as Pcap can be used to split out email attachments according to the email format.

[0025] S102: Determine the file format of the email attachment according to the email attachment information, and record the file format information of th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an e-mail virus detection method based on attachment formats. The method includes acquiring a complete e-mail file and parsing the e-mail protocols, and acquiring transmitted e-mail attachments; judging the file format of the e-mail attachments and recording the file format information; counting information of the file with executable format in the e-mail attachments, and judging whether the file with executable format in the transmitted e-mail attachments is a threat or not. The invention further provides an e-mail virus detection device based on the attachment formats. According to the method, massive counting of the number of PE files in the e-mail attachments is studied, and detection is performed according to studied rules. Owing to particularity of the e-mails, low false alarm rate and high detection rate can be guaranteed by the aid of the method.

Description

technical field [0001] The invention relates to the technical field of computer network security, in particular to a method and device for virus detection of email attachments using a dynamic intelligent learning method. Background technique [0002] With the rapid development of the Internet, using email attachments to spread viruses is one of the common means used by virus spreaders. Since the use of email attachments to spread viruses is highly concealed, it is very important to perform virus detection on email attachments. The traditional method is to analyze the email, obtain the attachment of the email, and use anti-virus software to detect the attachment. As we all know, traditional virus detection technology is based on signature detection, which has obvious hysteresis, so it cannot solve this problem well. Contents of the invention [0003] According to the quantity and proportion of PE (executable files under Winows) in the mail attachments, the present inventi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/58
Inventor 肖新光童志明沈长伟张栗伟
Owner HARBIN ANTIY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap