Unknown virus infection tracing method, device and system

An unknown virus and virus technology, applied in the computer field, can solve the problems of unable to find information system weaknesses, affecting information system reinforcement, unable to trace unknown virus sources and transmission paths, etc.
CN110688658AActive Publication Date: 2020-01-14HANGZHOU ANHENG INFORMATION TECH CO LTD
9 Cites 4 Cited by

Patent Information

Authority / Receiving Office
CN Β· China
Patent Type
Applications(China)
Current Assignee / Owner
HANGZHOU ANHENG INFORMATION TECH CO LTD
Publication Date
2020-01-14

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention provides an unknown virus infection tracing method, device and system, and relates to the technical field of computers, and the method comprises the steps: receiving the file content ofa monitoring file sent by a terminal, and extracting a first feature and a second feature from the file content; based on the first feature and the second feature, judging whether the monitoring fileis a suspected unknown virus file or not; if yes, judging whether the suspected unknown virus file has virus behavior characteristics or not; if yes, determining the suspected unknown virus file withthe virus behavior characteristics as an unknown virus; receiving file operations reported by all terminals, and searching an infection source of the unknown virus based on the MD5 value of the firstfeature of the unknown virus and the operation information of the file operations; and based on the infection source, sorting all unknown viruses according to the infection time sequence of each unknown virus to form a propagation path of the unknown viruses. According to the method, the source of unknown viruses and the propagation path of the unknown viruses can be traced.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The present invention relates to the field of computer technology, in particular to a tracing method, device and system for unknown virus infection. Background technique

[0002] With the rapid popularity of malware such as ransomware and mining Trojan horses, various new virus file machine variants emerge in an endless stream, posing a huge challenge to traditional antivirus software. For an information system, it is very important to discover and deal with this unknown virus. At the same time, tracing the source and transmission path of the unknown virus is also important for discovering protection weaknesses and strengthening them in time. However, traditional anti-virus software only traces known ransomware viruses, and cannot trace the source and transmission path of unknown viruses, and thus cannot discover the weaknesses of the information system, which affects the final reinforcement of the information system. Contents of the invention [00...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More