Network worm active hampering method based on driver checking and confronting tool automatic generation system

An automatic generation and worm technology, applied in the field of network security, can solve problems such as the great harm of the Internet and the impact of network infrastructure, and achieve the effect of completely eliminating worms, improving response speed, and eliminating long-term worm-infected nodes.

Inactive Publication Date: 2014-07-23
HARBIN INST OF TECH
View PDF2 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] At present, network worms are extremely harmful to the Internet. After the

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network worm active hampering method based on driver checking and confronting tool automatic generation system
  • Network worm active hampering method based on driver checking and confronting tool automatic generation system
  • Network worm active hampering method based on driver checking and confronting tool automatic generation system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] Such as Figures 1 to 3 As shown, this embodiment is described in detail as follows for the detection-driven active containment method for network worms and the automatic generation system for network worm countermeasures implementing the method:

[0026] 1. Determine the eigenvalues ​​of the worm: continuous subsequences. Sequence X = {x 1 x 2 ... x n}, if there is a sequence Y={y 1 the y 2 ...y m}, and y 1 =x j+1 ,y 2 =x j+2 ,...y m =x j+m , where j≥0, j+m≤n, then Y={y 1 the y 2 ...y m} is a continuous subsequence of X. characteristics of worms. If the worm W spreads on the network, the data it transmits forms the sequence X=x 1 x 2 ... x n}, if there is a subsequence Y={y in X 1 the y 2 ...y m}, and this sequence must not exist in other network traffic without worm W propagating, then the subsequence Y is called a signature code of worm W.

[0027] 2. Capture traffic at the network entrance and exit for matching: capture network traffic and mat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A network worm active hampering method based on driver checking and a confronting tool automatic generation system relate to the field of network security. The method and the system are used for improving the response speed to new worms, timely hampering spread of infection sources, eliminating the worms and the leaks of uncontrollable nodes and thoroughly eliminating the worms. The method is technically characterized by comprising performing packet capture detection by arranging a probe at the outlet of a network; when finding the infected host of worms, entering the infected target host through leaks and taking measures of searching and killing the worms, mending the leaks, immunizing the host and the like to achieve the aim of eliminating the network worms; meanwhile, scanning the host inside the network through a quick scan technology to achieve remote mending of existing leaks. The confronting too automatic generation system comprises a remote network worm eliminating tool analysis and automatic generation subsystem, a delivery tool analysis and automatic generation subsystem and an active mending patch analysis and automatic generation subsystem. The network worm active hampering method based on driver checking and the confronting tool automatic generation system can achieve a response speed to effectively hamper the worms in the spreading initial period of the worms.

Description

technical field [0001] The invention relates to the field of network security, more specifically, to the technology of clearing and containing network worms. Background technique [0002] Due to the complex security situation brought about by the open and free Internet, worms are still harmful to the Internet. The main reason why network worms are difficult to control is that the Internet is essentially an open and complex giant system with a complex structure, lack of central control capabilities and Its openness leads to the existence of a large number of uncontrollable nodes on the network management level. These uncontrollable nodes often lack corresponding security protection measures or are left unmanaged for a long time. Once infected with worms, the worms will stay in the infected nodes for a long time and always pose a threat to the Internet as an attack source. Therefore, how to manage and maintain those disordered and uncontrollable network nodes is the key to co...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06G06F21/56H04L12/26
Inventor 张大勇辛毅张兆心
Owner HARBIN INST OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap