177 results about "Virus attack" patented technology

In the event of a virally infected MBR on a hard disk drive that might prevent booting, a service MBR in a hidden protected area (HPA) can be used to boot a service O.S., and then the service MBR can be replaced with a previously backed-up MBR, also in the HPA, to mount any missing partitions.

A network level virus monitoring system capable of monitoring a flow of network traffic in any of a number of inspection modes depending upon the particular needs of a system administrator. The monitoring provides an early warning of a virus attack thereby facilitating quarantine procedures directed at containing a virus outbreak. By providing such an early warning, the network virus monitor reduces the number of computers ultimately affected by the virus attack resulting in a concomitant reduction in both the cost of repair to the system and the amount of downtime. In this way, the inventive network virus monitor provides a great improvement in system uptime and reduction in system losses.

The invention discloses an intelligent industrial security cloud gateway equipment system and method. The industrial cloud security gateway equipment and method is characterized in that upper cloud data is encrypted and added with data classification identifiers and time stamps, and decryption, security scanning and multiple security authentication access control are carried out on data on downlink intelligent equipment, so that interconnection, protocol conversion, and multi-directional transparent and real-time transmission among cloud equipment, enterprise datacenter equipment and various intelligent equipment on an industrial field can be achieved. An intelligent industrial cloud security gateway is embedded intelligent equipment comprising various serial ports, communication interfaces for a field bus and field intelligent equipment such as the industrial Ethernet, communication interfaces for wireless mobile communication and wired Internet cloud equipment, wireless or wired local area network interfaces for Bluetooth, broadband and the like, an Ethernet switch, a GPS module, and embedded software. The intelligent industrial cloud security gateway can systematically prevent user data leakage and network virus attacks, is core equipment of a secure and reliable intelligent industrial cloud service system, and can serve intelligent industrial manufacturing.

A method, computer program product, and network data processing system for identifying, locating, and deleting viruses is provided. In one embodiment, the network data processing system includes a local server, several client data processing systems, and a bait server. The address of the bait server is not published to the clients. Thus, any attempt to access the bait server would indicate the presence of a virus on the client attempting access. The bait server monitors itself and, responsive to an attempt from a client to access the bait server, broadcasts an indication that a virus attack is underway to all devices within the network. The bait server then ignores all further access requests by the offending client until it receives an indication that the offending client has been disinfected and directs the local server to disconnect the offending client(s) from the network. The bait server also notifies the local server and/or a network administrator of the problem and the identity of the offending client allowing appropriate action to be initiated to disinfect the offending client.

A method, device and system restrict and prevent virus attack and malicious software to a wireless communication device from a pairing attempt by another wireless communications device. A switch is included in a transmission path coupling a first device to a second device, wherein the second device is attempting to pair with first wireless communications device. A detector coupled to the transmission path, detects an address of the second wireless communications device in a pairing communication protocol between the first and second devices. A counter coupled to the detector counts the pairing attempts of the second device. A compare circuit compares the pairing attempts to a selected number N. The compare circuit signals the switch to open when the number of attempts equals or exceeds the number N, breaking the connection, thereby preventing the first device from receiving virus attacks and malicious software.

A network level virus monitoring system capable of monitoring a flow of network traffic in any of a number of inspection modes depending upon the particular needs of a system administrator. The system includes a network virus sensor self registration module coupled to a network virus/worm sensor arranged to automatically self register the associated network virus/worm sensor. The monitoring provides an early warning of a virus attack thereby facilitating quarantine procedures directed at containing a virus outbreak. By providing such an early warning, the network virus monitor reduces the number of computers ultimately affected by the virus attack resulting in a concomitant reduction in both the cost of repair to the system and the amount of downtime. In this way, the inventive network virus monitor provides a great improvement in system uptime and reduction in system losses.

The invention relates to the technical field of Internet application, in particular to a transport-layer-characteristic-based traffic classification method for the Internet application. The method comprises the following steps of: acquiring a data packet which serves as training data, and constructing a classifier by utilizing transport layer characteristics of a data stream extracted from the data packet; and classifying the data stream extracted from a subsequently acquired data packet by utilizing the constructed classifier. The application type of the stream can be identified only by extracting the transport layer characteristics of the stream without knowing load contents such as a port number, a characteristic field and the like of the data packet. The privacy of a user is uninvolved, and a dynamic-port-number-based or encrypted stream can be identified by the technology. Moreover, the method is highly accurate and integral, novel application can be identified and the user can be prompted to check suspected virus attack streams.

The invention relates to a method and a system for defending a network virus. The network virus is a botnet virus or a target attacking virus with pertinence to a virus attacking object. The method comprises the following steps: analyzing a network flow of a client and capturing a suspicious file sample when an existing suspicious file is confirmed while detecting the flow of the client during a process of obtaining a network communication service by the client; analyzing if the botnet virus or virus action thereof exists; generating an analysis report for the botnet virus action; transmitting the suspicious file sample and the analysis report to an antivirus operator so as to create a virus removing program; and meanwhile, supplying a network antivirus service to an infected client according to the analysis report and searching and killing the virus after receiving the virus removing program which is sent back. According to the method, when the client which is infected by the virus is detected, defending measures can be taken in real time, thereby efficiently preventing virus diffusion, preventing the infected client from automatically connecting to a malicious website for performing virus variation, and efficiently reducing the risk of the client suffering in a virus attack.

The invention provides a new Lactobacillus plantarum bacterial strain YJG which was preserved in the China General Microbiological Culture Collection Center (CGNCC) with the collection number of CGMCC No. 2994 on march, 30th, 2009. The Lactobacillus plantarum bacterial strain YJG can produce broad-spectrum bacteriostatic activity bacteriocin with high yield, and can express bacteriostasis for staphylococcus aureus, salmonella and E.coli of gram-negative bacterium, L. plantarum, L.brevis, Streptococcus and Bacillus of gram-positive bacterium, and the like. A virus attacking tests with high dosage proves that the Lactobacillus plantarum bacterial strain YJG is safe to animal bodies. The Lactobacillus plantarum bacterial strain YJG and a zymophyte liquid thereof can be used for preparing additives of green animal feeds, and the bacteriocin of the Lactobacillus plantarum bacterial strain YJG can be used for preparing green biological veterinary drugs, environmental-friendly biopreservatives, biocontrol drugs and the like.

The invention discloses a specification method of harmful program based on the virus attack identification base of state movement set, which comprises the following steps: 1.1) monitoring and recording the movement behavior of unknown program; 1.2) integrating the recorded program to compare with the virus identification regular base; 1.3) judging the compared result whether the result is harmful program behavior; alarming or stopping the operation of program if yes; continuing operating and returning to the step 1.1) if not. The invention analyses the unknown program behavior without depending virus code, which improves the efficiency and precision.

The invention discloses an industrial control system network security situation sensing system based on artificial intelligence. The system comprises a virus monitoring unit, a data parsing unit, a data fusion and calculation unit, a fusion and calculation rule library, an Internet speed monitoring unit, a usage monitoring unit, a controller, a display unit, a database, an input unit and a steady-state analysis unit. In the system provided by the invention, a virus attack attacking the system is analyzed and judged through the virus monitoring unit and the data parsing unit; then, real-time Internet speed of a security network is monitored and analyzed through the Internet speed monitoring unit, and a steady-state valve group of the Internet speed is obtained; meanwhile, usage rate of a CPU is monitored in real time through the monitoring unit; then, comprehensive analysis is executed in combination with latest virus attack frequency, the steady-state valve group and the real-time usage rate, thus, an evaluation signal is obtained, and different evaluation signals are transmitted to the database for storage.

The invention discloses a kind of image processing method and device. The described method includes: web image editor based on the user's choice, to obtain the image selected by the user from the local computer, and present the selected image in the web image editor; process the selected image according to the user's operations; and upload the processed image to the server. The described device includes: access module, display module, processing module and uploading module. The invention directly reads the local image through the network image editor and edits the image and then uploads the confirmed image to the server which does not need to upload files to the server and download and may save network resources and server storage resources. At the same time, it can also ensure that the local computer will not be under virus attack during the process of reading the local image.

The invention provides an I-group 4-type fowl adenovirus DNA vaccine and application thereof. According to the technical scheme, based on experimental means, research finds and shows that fiber protrusions have good immunity prototypes, in this way, with 4-type fowl adenovirus fibrous protein C-terminal genes being antigen substances, codon optimization is carried out on the basis of a natural sequence, an eukaryotic expression vector pCAGGS is cloned, and the DNA vaccine pCAGoptiFAV4C is constructed. According to the researched fowl adenovirus NDA vaccine, a method of gene engineering fermentation is adopted for preparing antigens, and therefore the I-group 4-type fowl adenovirus DNA vaccine is low in cost, pure in antigen and safe to use. By the utilization of a serology method and an immunity virus attack method, the immunity effect of the vaccine is evaluated. The result shows that the vaccine can provide effective immune protection for fowl, and has good commercial development prospects. Compared with a traditional vaccine, the DNA vaccine achieves the safety of subunit vaccines and inactivated vaccines, and also has the features of simultaneous induction of humoral immunity and cellular immune response, wherein the features only belong to attenuated vaccines or recombinant vaccines.

The invention discloses a mink viral enteritis and canine distemper binary living vaccine as well as a preparation method and application thereof. The effective components of the binary living vaccine comprise a mink viral enteritis virus (MEV) antigen and a canine distemper virus (CDV) antigen, wherein the MEV antigen is a JLM strain and has the collection number of CGMCC No. 9904, and the CDV antigen is a JTM strain and has the collection number of CGMCC No. 9905. Researches on the humoral immunity, the immunizing and virus attacking protection level and the pathologic change show that the JLM strain and the JTM strain are free from mutual immunity interference. The safety and effect of the binary living vaccine are researched further accordingly, and the research result shows that the binary living vaccine is safe to use and is not lower than the unitary living vaccine in effect.

The invention provides a file protection method and device, and relates to the technical field of computers. The file protection method comprises the following steps of: when a first access instruction for a first file in a first preset file type is obtained, judging whether an access manner corresponding to the first access instruction is a first access manner or not; when the judging result is positive, carrying out a preset virtualization operation on a first copy file of the first file on the basis of the firs access instruction so as to obtain a second file; judging whether a similarity between the first file and the second file is greater than a preset threshold value or not; and when the similarity is greater than the preset threshold value, replacing the first file by the second file. Aiming at the manner of attacking files by ransomware, the file protection method is capable of defensing behaviors and features of the ransomware in an active manner, so as to prevent the ransomware from attacking the files in an encryption form and the like, and avoid the loss caused by virus attack.

The invention discloses a system construction method and device for industrial control system safety detection and early warning. The system is used for solving the problems that an existing industrial control system safety detection system cannot carry out safety analysis and early warning according to the temperature information of the industrial control equipment, the time when the industrial control equipment is attacked by an virus and the total number of times, and the early warning industrial control equipment cannot be reasonably distributed to corresponding technicians for early warning processing. A data acquisition module acquires industrial control information of industrial control equipment in an industrial control system and sends the industrial control information to a server; a safety analysis module performs safety analysis on the industrial control information; a safety early warning module carries out early warning processing on the industrial control early warning instruction, the industrial control temperature early warning instruction, the industrial control temperature attack early warning instruction and the industrial control attack early warning instruction, carries out safety analysis on industrial control equipment in the industrial control system and reasonably distributes the information to corresponding selected early warning personnel for processing, thereby improving the in-time early warning processing in the industrial control equipment.

Malicious attacks have moved from higher level virus attacks on software and data files operating on a device, to subverting the firmware underlying the device, where the firmware will compromise operation of the device even after attempts to remove the virus, unwanted programs, or other activity due to the subversion. If the firmware is compromised then even a clean reinstall of all software and/or services on the device may only result in a clean device that is then subsequently compromised again. Although device manufacturers may update a firmware to remove the vulnerability, there remains a problem in getting users to actually perform the update. To facilitate device security, a database or databases of firmware may be maintained where their status of vulnerable (bad) or not (good) is maintained and various options are presented for scanning firmware for vulnerabilities, out of band or manually, and pulling/pushing updates as desired to automatically update a device or prompt a user for updating. Updates may be mandatory per a policy and/or controlled by user preference. Looking for vulnerabilities may be device driven, or managed by an external entity. As new vulnerabilities are discovered, existing firmware may be checked for the vulnerability, and if found, devices having vulnerable firmware may be updated. New firmware may be recorded in the database(s) and the database(s) periodically scanned for vulnerabilities.

The invention discloses a design device and a design method of a virus analysis testing bed of an electric SCADA (Supervisory Control And Data Acquisition) system, and belongs to the technical field of safety and intrusion detection of industrial control systems. The device comprises an electric SCADA system fault simulation module, an electric SCADA system virus analyzing and testing module and an electric SCADA system virus attack defense demonstration module. The design method comprises the following steps: under an electric SCADA system fault simulation condition, simulating fault information of power generation, power transformation, power transportation, power distribution, power utilization and power dispatching to acquire a field state of attacking the electric system by viruses, so as to realize virus attacking evidence obtaining of the electric SCADA system; and analyzing, testing and cleaning viruses, and dynamically demonstrating a virus attacking and defending process of the electric SCADA system. Compared with an existing electric system virus detection simulation device, the testing bed can be used for systematically simulating the environment of the whole electric SCADA system, can be used for detecting and analyzing the viruses attacking the electric SCADA system and also has dynamical demonstration functions of attacking and defending.

The invention discloses a mimic security method and a device for a recursive DNS server, overcoming the security threatening problem of the recursive DNS server. The method comprises the following steps: 1) receiving the inquiry requests of users; guiding the inquiry requests through a DNS switch to a security service chain where screening, filtering and attack detecting are performed to the requests; and obtaining the attack detecting data by a parameter manager followed by the delivering of corresponding parameter information to a transferring device; 2) for each inquiry request in the request queue of the transferring device, selecting by the transferring device a plurality of inquiry requests by the DNS server according to the parameter manager delivered parameters, the state information of various DNS servers and the transferring strategy; and 3) receiving the responding information of the DNS servers by a determining module; making the majority decision to the result; and updating the state information of the various servers in the DNS server pool. The method and the device of the invention solve the virus attacks to the cache of a recursive server without the modification of the DNS protocol or DNS inquiry responding procedure.

The invention discloses a bovine A-type foot-and-mouth disease multi-epitope recombinant vaccine, and a preparation method and an application thereof, and belongs to the field of veterinary vaccine research. The preparation method comprises the following steps: carrying out reasonable serial connection on the dominant antigen epitopes of bovine A-type foot-and-mouth disease virus representative strains once pandemic in China by adopting an antigenized antibody strategy and a brand new reverse vaccinology technology and strategy, coupling with a bovine IgG immunostimulatory fragment (IgG heavy chain constant region), cloning into a prokaryotic expression vector to construct a recombinant expression vector, transforming Escherichia coli cells to express a recombinant antigen, purifying by adopting Ni-NAT column chromatography, quantifying by a Bio-Rad protein quantification kit, and preparing the vaccine individually or combining with a recombinant foot-and-mouth disease virus 3D protein. A result of animal immune experiments shows that the recombinant protein or combined vaccine can stimulate the body to produce a protective antibody with high titer and also can protect immune animals against a virus attack, so the bovine A-type foot-and-mouth disease multi-epitope recombinant vaccine has a good application prospect.