Unlock instant, AI-driven research and patent intelligence for your innovation.

A method and device for locating hosts infected by malicious codes

A malicious code and positioning method technology, applied in the transmission system, electrical components, etc., can solve the problem of being unable to locate the infected user host, and achieve the effect of improving credibility

Active Publication Date: 2020-04-14
SANGFOR TECH INC
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The present invention provides a method and equipment for locating hosts infected by malicious codes, which are used to solve the problem that the prior art cannot locate infected user hosts in a network deployed with a DNS proxy server

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and device for locating hosts infected by malicious codes
  • A method and device for locating hosts infected by malicious codes
  • A method and device for locating hosts infected by malicious codes

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0061] The embodiment of the present invention provides a method and equipment for locating hosts infected by malicious codes, which are used for locating real infected user hosts when a DNS proxy server is deployed in the network.

[0062] In order to enable those skilled in the art to better understand the solutions of the present invention, the following will clearly and completely describe the technical solutions in the embodiments of the present invention in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments are only It is an embodiment of a part of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts shall fall within the protection scope of the present invention.

[0063] The terms "first", "second", "third", "fourth", etc. (if any) in the description and claims o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a positioning method of a host machine infected by malicious code and a device, and relates to the technical field of network; the positioning method and thedevice are used for solving the problem that the infected user host machine cannot be positioned in a network allocated with a DNS agent server in the prior art. The method includes steps of extracting a target domain name required to inquiry from the DNS request data when a network safety device acquires the DNS request data; if the target domain name is a malicious domain name, sending the target DNS reply data corresponding to the DNS request data to the DNS agent data, and recording a target internet protocol IP address in a reply part of the target DNS reply data; when the network data isacquired, judging if the target IP address extracted from the network data is the target IP address; if it is, positioning the host machine infected by the malicious code according to the source IP address of the network data.

Description

technical field [0001] The invention relates to the field of network technology, in particular to a method and equipment for locating hosts infected by malicious codes. Background technique [0002] Malicious websites have always been one of the main ways for Trojan horses and viruses to spread. Malicious websites use operating system or software security holes to embed malicious codes in web pages, such as malicious viruses, worms, and Trojan horses. When users visit these web pages, The embedded malicious code will forcibly modify the configuration information of the user's operating system or application software without the user's knowledge, causing the user's host to be infected with malicious code. [0003] In order to improve the credibility of the Internet, it is necessary to locate hosts infected by malicious code and perform security measures such as vulnerability repair and malicious code deletion. The existing method for locating hosts infected by malicious code...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
Inventor 吕晓滨
Owner SANGFOR TECH INC