Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Virus detection and processing method for network transmission data

A virus detection and network transmission technology, applied in transmission systems, digital transmission systems, data exchange networks, etc., can solve problems such as difficult synchronization upgrades, affecting normal network communication, and complex implementation, to simplify upgrades and maintenance, and solve performance expansion. Problem, effect of coupling reduction

Active Publication Date: 2016-12-28
BEIJING RISING NETWORK SECURITY TECH CO LTD
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0013] 1) The transparent proxy antivirus wall system replaces the original connection with a pair of connections (takeover connection and proxy connection). In a high-throughput environment (such as a Gigabit or 10 Gigabit backbone network), the scalability is poor, and it usually cannot meet the performance requirements;
[0014] 2) Although the proxy connection of the transparent proxy keeps the IP address and TCP port of the original connection, it is still different in finer connection characteristics (such as TCP sequence number);
[0015] 3) The transparent proxy technology is usually based on the netfilter mechanism of the Linux kernel (a Linux 2.4 kernel firewall technology proposed by Rusty Russell), which uses an address translation technology similar to NAT and is highly coupled with the kernel. The implementation is complex, the error rate is high, and potential errors are unknown Many, it is difficult to upgrade synchronously when the kernel version is upgraded
However, at present, most backbone networks have introduced redundancy mechanisms. If the two-way data packets of the TCP connection flow through different links, the antivirus wall cannot work normally, and even normal network communication will be affected;

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Virus detection and processing method for network transmission data
  • Virus detection and processing method for network transmission data
  • Virus detection and processing method for network transmission data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0058] The specific implementation manner of the virus detection and processing method for network transmission data in the embodiment of the present invention will be described below with reference to the drawings in the description.

[0059] The embodiment of the present invention network transmission data virus detection processing method, comprises the following steps:

[0060] Step S100, set the resident memory of the preset size in the kernel layer of the network card as the zero-copy memory, and configure it as a stack allocation queue of the zero-copy sk_buff structure, and set the receiving memory corresponding to the index of the stack allocation queue at the kernel layer Queues and release queues are used to allocate and release sent and received data packets transmitted by the network.

[0061] Set a preset fixed-size resident memory in the kernel layer of the network card as zero-copy memory for allocation and release of the network card receiving queue.

[0062]...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a virus detection and processing method for network transmission data. It uses zero-copy memory and uses virtual memory to map the data packets of the transferred files from the kernel layer to the user layer; it analyzes the application layer protocol, restores the transferred files and sends them to the virus detection engine for detection, so that the antivirus wall system and the kernel are coupled It is small and stable; it abandons the traditional proxy connection technology, adopts a unique packet deduction mechanism, and without changing any characteristics of the original connection, through the double detection of the stream engine and the file engine, it ensures timely detection of virus-infected files. and accurate blocking.

Description

technical field [0001] The invention relates to the technical field of data virus detection and processing, in particular to a method for network transmission data virus detection and processing. Background technique [0002] Generally, existing virus processing technologies for processing computer viruses include two types: proxy firewall technology and anti-virus engine technology. [0003] Proxy firewall technology: [0004] Different from the packet filtering firewall, which only performs data flow feature matching and filtering, the proxy firewall replaces the direct communication between the client and the server through a proxy connection, and performs protocol analysis and file restoration at the application layer for more in-depth security analysis and processing; [0005] Anti-virus engine technology: [0006] The anti-virus engine usually refers to the method of scanning and killing viruses running on the operating system (such as the Windows operating system). ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/861
Inventor 张量
Owner BEIJING RISING NETWORK SECURITY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products