CN103678997B - System safety check method and device - Google Patents
System safety check method and device Download PDFInfo
- Publication number
- CN103678997B CN103678997B CN201210314091.7A CN201210314091A CN103678997B CN 103678997 B CN103678997 B CN 103678997B CN 201210314091 A CN201210314091 A CN 201210314091A CN 103678997 B CN103678997 B CN 103678997B
- Authority
- CN
- China
- Prior art keywords
- virus
- report
- client
- environments
- system environments
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
Abstract
The present invention relates to a kind of system safety check method and device, methods described includes:Representative system environment problem and virus base and corresponding system problem and virus report storehouse are established, the representative system environment problem includes multiple typical system environments problems and virus with virus base;Reception system report on the system environments of client and the relevant information of Virus State;The similarity of the system environments and the relevant information of Virus State reported described in calculating and the multiple typical system environments problem and virus, select typical system environments problem and virus that similarity exceedes predetermined similarity;According to selected typical system environments problem with virus in the system problem corresponding with being searched in virus report storehouse system problem and virus report;Recommend found system problem and virus report to the client.The present invention can increase degree of belief, raising user stickiness of the user to system safety inspection result, help user to understand basic system security knowledge.
Description
Technical field
The present invention relates to field of computer technology, more particularly to a kind of system safety check method and device.
Background technology
Existing system security classes software only shows inspection result and killing suggestion, i.e. computer when carrying out computer killing
Running status what virus there may be, if it is recommended that killing etc., although inspection computer risk and the guarantor of user can be met
Barrier system safety demand, still, it has not been convenient to user understand the accuracy of the result, the principle of every inspection result, virus
Route of transmission, processing method etc..
The content of the invention
It is an object of the present invention to provide a kind of system safety check method, can increase user to system safety inspection
As a result degree of belief, raising user's stickiness, help user to understand basic system security knowledge.
The object of the invention to solve the technical problems is realized using following technical scheme.
A kind of system safety check method, including:Establish representative system environment problem and virus base and corresponding be
System problem and virus report storehouse, the representative system environment problem include multiple typical system environments problems and disease with virus base
Poison;Reception system report on the system environments of client and the relevant information of Virus State;The system reported described in calculating
The relevant information of environment and Virus State and the multiple typical system environments problem and the similarity of virus, select similarity
More than the typical system environments problem and virus of predetermined similarity;According to selected typical system environments problem with virus in
The system problem corresponding with being searched in virus report storehouse system problem and virus report;Recommend to be searched to the client
The system problem and virus report arrived.
A kind of system safety inspection device, including:Establish module, for establish representative system environment problem and virus base and
Corresponding system problem and virus report storehouse, the representative system environment problem include multiple typical systems with virus base
Environmental problem and virus;Receiving module, for reception system report on the system environments of client and the phase of Virus State
Close information;Computing module, for the relevant information for calculating the system environments reported and Virus State and the multiple typical case
System environments problem with virus similarity, select similarity exceed predetermined similarity typical system environments problem with disease
Poison;Searching modul, the typical system environments problem selected for basis is with virus in the system problem and virus report storehouse
It is middle to search corresponding system problem and virus report;Recommending module, for recommending found system to ask to the client
Topic and virus report.
System safety check method proposed by the invention and device can automatically analyze the system problem and disease of client
Poison ring border, by analysis system report on the system environments of client and the relevant information of Virus State, with establishing in advance
Representative system environment problem matched with virus base and corresponding system problem with virus report storehouse, to user recommend
Corresponding system problem and virus report, can not only increase user to the degree of belief of system safety inspection result, improve user
Stickiness, user can also be helped to learn to understand basic system security knowledge.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention,
And can be practiced according to the content of specification, and in order to allow the above and other objects, features and advantages of the present invention can
Become apparent, below especially exemplified by preferred embodiment, and coordinate accompanying drawing, describe in detail as follows.
Brief description of the drawings
Fig. 1 is the schematic flow sheet of the system safety check method in first embodiment of the invention.
Fig. 2 is the schematic flow sheet of the system safety check method in second embodiment of the invention.
Fig. 3 is the schematic flow sheet of the system safety check method in third embodiment of the invention.
Fig. 4 is the structural representation of the system safety inspection device in fourth embodiment of the invention.
Fig. 5 is the structural representation of the system safety inspection device in fifth embodiment of the invention.
Fig. 6 is the structural representation of the system safety inspection device in sixth embodiment of the invention.
Embodiment
Further to illustrate the present invention to reach the technological means and effect that predetermined goal of the invention is taken, below in conjunction with
Accompanying drawing and preferred embodiment, to according to system safety check method proposed by the present invention and device its embodiment, method,
Step, structure, feature and its effect, describe in detail as follows.
For the present invention foregoing and other technology contents, feature and effect, in the following preferable reality coordinated with reference to schema
Applying in the detailed description of example to clearly appear from.By the explanation of embodiment, when predetermined mesh can be reached to the present invention
The technological means taken and effect be able to more deeply and it is specific understand, but institute's accompanying drawings are only to provide with reference to saying
It is bright to be used, not it is used for being any limitation as the present invention.
First embodiment
Fig. 1 is the schematic flow sheet of the system safety check method of first embodiment of the invention.Fig. 1 is refer to, the present invention
System safety check method in embodiment includes:
Step S 11:Establish representative system environment problem and virus base and corresponding system problem and virus report
Storehouse, the representative system environment problem include multiple typical system environments problems and virus with virus base.
Representative system environment problem with virus base can be obtained by historical data, can also rule of thumb obtain
Some typical system environments problems with virus.The representative system environment problem includes multiple typical systems with virus base
Environmental problem and virus.
Specifically, in step S 11, the representative system environment problem can be built with virus base according to class hierarchy
It is vertical.Such as the representative system environment problem and virus base are divided into system environments problem base and virus base.System environments problem
Storehouse can be divided into multiple problem word banks again, such as:System is mounted with that ad plug-in, IE options are set, system startup item occurs
Black file, system service item exception etc..Virus base can also be divided into multiple viral word banks, such as leading viruses word bank, text
Part type virus word bank, multipartite virus word bank, macrovirus word bank, trojan horse word bank, worm-type virus word bank and other virions
Storehouse etc..Each the problem of corresponding to word bank can be correspondingly arranged a label with viral word bank.Label is used for marking some keys
Information, similar to keyword.Such as Trojan for stealing numbers virus word bank, its label could be arranged to " steal-number ", " wooden horse " etc..For example, can
So that representative system environment problem and virus base are classified into the system environments problem base and the virus base that are established as shown in Table 1:
Table one
System problem is corresponding representative system environment problem and the typical system environments in virus base with virus report storehouse
Problem and virus generation, including system problem report and virus report.System problem report is for describing system exception
The file of phenomenon, include the title of system exception, reason, performance, harm and restorative procedure etc..Such as:Domain name mapping file
(host files) is changed, and other incredible IP address, Ke Yiyong are automatic jumped to when may cause to access normal webpage
QQ computer house keepers etc. are repaired.Virus report is the file for describing Virus Info.Title, principle including virus, show
As, route of transmission, harm, processing method etc..Virus report can also extract keyword therein as label.For example, on
The report content of grey pigeon trojan horse can include following information:Grey pigeon trojan horse injects virus by edit the registry
To service starting up's item, hacker's specified sites are connected in the case of user is unwitting, cause the personal information of user to be stolen,
Computer house keeper can be used to carry out killing etc..Table two show the virus report example of shock wave virus:
Table two
Step S12:Reception system report on the system environments of client and the relevant information of Virus State.
System fail-safe software to client when carrying out system safety inspection or checking and killing virus, to the system ring of client
Border can be analyzed automatically, including the startup item of system, IE, system service, desktop, start menu and quick startup column etc..
By the inspection and scanning to these, system fail-safe software can obtain the letter such as system environments and Virus State of client
Breath.System environments refers to the system information of privacy, including system startup item, system vulnerability etc..Virus State refers to system
Viral situation through infection and the system potential safety hazard caused by unreasonable possibility is set.System fail-safe software obtain on
After the system environments of client and the relevant information of Virus State, these relevant informations are reported into backstage, it is excellent in the present invention
Elect cloud backstage as.These relevant informations include event, scanning element, abnormal problem, possible virus and label etc., as shown in Table 3:
Table three
Step S13:The system environments and the relevant information of Virus State reported described in calculating and the multiple typical system
The similarity of environmental problem of uniting and virus, select typical system environments problem and virus that similarity exceedes predetermined similarity.
Cloud backstage is after the relevant information of system environments that system software client reports and Virus State is received, according to letter
Content and label are ceased, multiple typical system environments problems and the similarity of virus with being stored in cloud backstage is calculated, selectes phase
Like typical system environments problem and virus of the degree more than predetermined similarity.Predetermined similarity can be according to actual environment and user
Demand is selected.The calculating of similarity can use a variety of methods, such as text matches, cosine similarity etc..
Step S14:According to selected typical system environments problem with virus in the system problem and virus report storehouse
It is middle to search corresponding system problem and virus report.
Cloud backstage exceedes the typical system environments problem of predetermined similarity with after virus, being asked in system in selected similarity
Topic is with searching out system problem corresponding with virus with the system environments problem selected and system problem and disease in virus report storehouse
Poison report.
Step S15:Recommend found system problem and virus report to the client.
The system problem that cloud backstage finds previous step recommends user with virus report.Consider and not all user
There is the demand of reading report, it is possible to completed in a manner of optional.Recommendation is provided after the result of computer inspection is provided
User reads the detailed report for scanning result.
System safety check method in the present embodiment can automatically analyze the system problem of client and viral environment, lead to
Cross that analysis system reports on the system environments of client and the relevant information of Virus State, with the canonical system established in advance
Environmental problem is matched with virus base and corresponding system problem with virus report storehouse, to system corresponding to user's recommendation
Problem and virus report, it can not only increase degree of belief, raising user stickiness of the user to system safety inspection result, can also
User is helped to learn to understand basic system security knowledge.
Second embodiment
Fig. 2 is the schematic flow sheet of the system safety check method of second embodiment of the invention.Fig. 2 is refer to, the present invention
System safety check method in embodiment includes:
Step S21:Representative system environment problem and virus base and corresponding system problem and virus report storehouse are established,
The representative system environment problem includes multiple typical system environments problems and virus with virus base.This step and foregoing phase
Together, repeat no more here.
Step S22:Reception system report on the system environments of client and the relevant information of Virus State.This step
As hereinbefore, repeat no more here.
In the present embodiment, after step S22, further comprise:
Step S23:By what is reported the allusion quotation is fed back on the system environments of client and the relevant information of Virus State
Type system environments problem and virus base simultaneously update the representative system environment problem and virus base.
Step S24:According to updated representative system environment problem and virus base update corresponding system problem with
Virus report storehouse.
The representative system environment problem for improving cloud backstage and virus report can be constantly updated by step S23 and step S24
Storehouse is accused, is easy to subsequent recommendation.
Step S25:The system environments and the relevant information of Virus State reported described in calculating and the multiple typical system
The similarity of environmental problem of uniting and virus, select typical system environments problem and virus that similarity exceedes predetermined similarity.
In the present embodiment, step S25 includes:
Step S251:By the system environments reported and the relevant information vector quantization of Virus State.
By the system environments reported and the relevant information vector quantization of Virus State:n=(n1,n2..., ni), wherein, (n1,
n2..., ni) can represent event in the relevant information that reports, scanning element, abnormal problem, may virus and label etc..
Step S252:By the typical system environments problem and Virus Info vector quantization.
By the typical system environments problem and Virus Info vector quantization:m=(m1,m2..., mi), wherein (m1,
m2..., mi) can represent word bank in representative system environment problem and virus base, viral item, viral subitem, Virus Name and
Label etc..
The above-mentioned system environments reported and the relevant information of Virus State and typical system environments problem and Virus Info
Respective items correspond.Label can be differed with length.Such as:Reported event and word bank are corresponding, and scanning element and viral item are corresponding,
Abnormal problem and viral subitem are corresponding, and possible virus is corresponding with Virus Name etc..
Step S253:Calculate the system environments reported after vector quantization and the relevant information and vector quantization of Virus State
The typical system environments problem afterwards and the cosine similarity of Virus Info.
Cosine similarity is a kind of measure for being used for calculating the similarity between two vectors.It is general calculate two to
The angle of amount, when two vector angles are smaller, its cosine value is bigger, and similarity is higher, conversely, when angle is bigger, its cosine
It is worth smaller, similarity is lower.When two vector angles are 90 °, it is believed that two vectors are uncorrelated.Cosine similarity can be used for counting
Calculate the similitude of document.
The system environments reported after vector quantization and the typical case after the relevant information and vector quantization of Virus State
System environments problem and the cosine similarity of Virus Info be:
S∈[0,1]
S value is bigger, and both surfaces similarity is higher, conversely, similarity is lower.
Due to being difficult the size for determining each component during vector quantization, a kind of way is to construct the complete or collected works of each component, by this
Component expands to a multi-C vector.Because the complete or collected works of each component include the various probable values of the component, then using complete
Matching process:If a dimension of the component can match, it is 1 to set the dimension, and other dimensions are 0.
Illustrate below by taking table one as an example, for word bank, it is understood that there may be system and viral two kinds of situations, then:m1=<m11, m12
>;Viral item there may be 4 kinds of IE options, system startup item, trojan horse, worm-type virus situations, then:m2=<m21,m22,m23,
m24>;Viral subitem there may be IE homepages and distort etc. 10, then:m3=<m31,m32,...,m310>;Virus Name there may be
10, then m4=<m41,m42,...,m410>;Assuming that label has 20 kinds, then m5=<m51,m52,...,m520>.For example, for
Net silver wooden horse, its vectorizable value are:m=<0,1,0,0,1,0,...,1,0,0,1,...>.
The system environments and the relevant information of Virus State that vectorization reports in the same way, it is assumed that obtained vector is
(length 50):n=<0,1,0,0,1,0,...,1,1,1,1,...>, then both similarity be
Step S254:Selected cosine similarity exceedes the typical system environments problem and virus of predetermined similarity.
Step S26:According to selected typical system environments problem with virus in the system problem and virus report storehouse
It is middle to search corresponding system problem and virus report.This step as hereinbefore, repeats no more here.
Step S27:Recommend found system problem and virus report to the client.This step and foregoing phase
Together, repeat no more here.
System safety check method in the present embodiment can automatically analyze the system problem of client and viral environment, lead to
Cross that analysis system reports on the system environments of client and the relevant information of Virus State, with the canonical system established in advance
Environmental problem is matched with virus base and corresponding system problem with virus report storehouse, to system corresponding to user's recommendation
Problem and virus report, it can not only increase degree of belief, raising user stickiness of the user to system safety inspection result, can also
User is helped to learn to understand basic system security knowledge.
3rd embodiment
Fig. 3 is the schematic flow sheet of the system safety check method of third embodiment of the invention.Fig. 3 is refer to, the present invention
System safety check method in embodiment includes:
Step S31:Representative system environment problem and virus base and corresponding system problem and virus report storehouse are established,
The representative system environment problem includes multiple typical system environments problems and virus with virus base.This step and foregoing phase
Together, repeat no more here.
Step S32:Reception system report on the system environments of client and the relevant information of Virus State.This step
As hereinbefore, repeat no more here.
Step S33:The system environments and the relevant information of Virus State reported described in calculating and the multiple typical system
The similarity of environmental problem of uniting and virus, select typical system environments problem and virus that similarity exceedes predetermined similarity.
This step as hereinbefore, repeats no more here.
Step S34:According to selected typical system environments problem with virus in the system problem and virus report storehouse
It is middle to search corresponding system problem and virus report.This step as hereinbefore, repeats no more here.
Step S35:Recommend found system problem and virus report to the client.This step and foregoing phase
Together, repeat no more here.
In the present embodiment, still further comprised after step S35:
Step S36:Judge whether the client needs to show found system problem and virus report, if needed
Will, then found system problem and virus report are shown in client.
In the present embodiment, the system problem found and virus report are recommended user by cloud backstage.In view of not
All users have the demand of reading report, so being completed in a manner of optional.If user selects to read, show in client
Show found system problem and virus report.
Step S37:The request for initiating to evaluate the system problem and virus report to client.
It can be initiated while client shows found system problem and virus report to client to described
The request that system problem is evaluated with virus report.Evaluation can include mensurable reading and feed back, such as including:It is appreciated that
Property (whether facilitating user to understand), validity (whether problems, which use help, is taken precautions against to user) and overall assessment:Such as star
Evaluation, fraction evaluation etc..
Step S38:Receive the evaluation to the system problem and virus report of client feedback.
Step S39:Received evaluation is fed back into the system problem with virus report storehouse and perfect according to evaluating
The system problem and virus report storehouse.
Preferably, can use the synthesis result that similarity result and user evaluate as to user's promotion and conversion according to
According to.The star for such as setting user is evaluated as 1-5 stars, and c=[0.20.4 0.6 0.8 1.0] is designated as normalization fraction
Recommend index be:R=(1-α)S+αc
Wherein α shows that user evaluates the influence to recommendation to recommend factor of influence.The parameter can be by the fortune of system software
Row and data analysis situation determine.
Such as the shock wave virus in table two, its report scale is 4 stars.If it is 0.1 to recommend factor of influence, then recommend index
For:
R=(1- α) * 0.816+ α 0.8=(1-0.8) * of * 0.816+0.8*0.1=0.814
Client provides certain scoring after the report that cloud backstage is recommended is read.Cloud backstage is after the evaluation is obtained, root
According to the quantity of reading, mensurable feedback, the welcome degree of analysis report, the higher report of degree of recognition will be evaluated as full
Preferential recommendation is to user in the case of sufficient similarity.Meanwhile the system environments problem and system on continuous modification and perfection cloud backstage are asked
Topic and virus report storehouse, are easy to subsequent recommendation.
System safety check method in the present embodiment can automatically analyze the system problem of client and viral environment, lead to
Cross that analysis system reports on the system environments of client and the relevant information of Virus State, with the canonical system established in advance
Environmental problem is matched with virus base and corresponding system problem with virus report storehouse, to system corresponding to user's recommendation
Problem and virus report, it can not only increase degree of belief, raising user stickiness of the user to system safety inspection result, can also
User is helped to learn to understand basic system security knowledge.
Fourth embodiment
Fig. 4 is the structural representation of the system safety inspection device of fourth embodiment of the invention.Fig. 4 is refer to, the present invention
System safety inspection device 40 in embodiment includes:Establish module 41, receiving module 42, computing module 43, searching modul 44,
Recommending module 45.
Wherein, establish module 41 be used to establishing representative system environment problem and virus base and corresponding system problem with
Virus report storehouse, the representative system environment problem include multiple typical system environments problems and virus with virus base.Receive
Module 42 be used for reception system report on the system environments of client and the relevant information of Virus State.Computing module 43 is used
In the system environments and the relevant information of Virus State reported described in calculating and the multiple typical system environments problem and disease
The similarity of poison, select typical system environments problem and virus that similarity exceedes predetermined similarity.Searching modul 44 is used for
According to selected typical system environments problem with virus in the system problem with searching corresponding system in virus report storehouse
Problem and virus report.Recommending module 45 is used to recommend found system problem and virus report to the client.
System safety inspection device in the present embodiment can automatically analyze the system problem of client and viral environment, lead to
Cross that analysis system reports on the system environments of client and the relevant information of Virus State, with the canonical system established in advance
Environmental problem is matched with virus base and corresponding system problem with virus report storehouse, to system corresponding to user's recommendation
Problem and virus report, it can not only increase degree of belief, raising user stickiness of the user to system safety inspection result, can also
User is helped to learn to understand basic system security knowledge.
5th embodiment
Fig. 5 is the structural representation of the system safety inspection device of fifth embodiment of the invention.Fig. 5 is refer to, the present invention
System safety inspection device 50 in embodiment includes:Establish module 51, receiving module 52, computing module 53, searching modul 54,
Recommending module 55.
Wherein, establish module 51 be used to establishing representative system environment problem and virus base and corresponding system problem with
Virus report storehouse, the representative system environment problem include multiple typical system environments problems and virus with virus base.Receive
Module 52 be used for reception system report on the system environments of client and the relevant information of Virus State.Computing module 53 is used
In the system environments and the relevant information of Virus State reported described in calculating and the multiple typical system environments problem and disease
The similarity of poison, select typical system environments problem and virus that similarity exceedes predetermined similarity.Searching modul 54 is used for
According to selected typical system environments problem with virus in the system problem with searching corresponding system in virus report storehouse
Problem and virus report.Recommending module 55 is used to recommend found system problem and virus report to the client.
In the present embodiment, the receiving module 52 includes:First update module 521, for that will report on client
The system environments at end and the relevant information of Virus State are fed back to described in the representative system environment problem and virus base and renewal
Representative system environment problem and virus base;Second update module 522, for according to updated representative system environment problem and disease
Malicious storehouse updates corresponding system problem and virus report storehouse.
In the present embodiment, the computing module 53 includes:First vector quantization module 531, for by it is described report be
The relevant information vector quantization of system environment and Virus State;Second vector quantization module 532, for the typical system environments to be asked
Topic and Virus Info vector quantization;Cosine similarity computing module 533, for the system environments reported described in calculating after vector quantization
With the typical system environments problem and the cosine similarity of Virus Info after the relevant information and vector quantization of Virus State;
Chosen module 534, for selecting typical system environments problem and virus of the cosine similarity more than predetermined similarity.
System safety inspection device in the present embodiment can automatically analyze the system problem of client and viral environment, lead to
Cross that analysis system reports on the system environments of client and the relevant information of Virus State, with the canonical system established in advance
Environmental problem is matched with virus base and corresponding system problem with virus report storehouse, to system corresponding to user's recommendation
Problem and virus report, it can not only increase degree of belief, raising user stickiness of the user to system safety inspection result, can also
User is helped to learn to understand basic system security knowledge.
Sixth embodiment
Fig. 6 is the structural representation of the system safety inspection device of sixth embodiment of the invention.Fig. 6 is refer to, the present invention
System safety inspection device 60 in embodiment includes:Establish module 61, receiving module 62, computing module 63, searching modul 64,
Recommending module 65.
Wherein, establish module 61 be used to establishing representative system environment problem and virus base and corresponding system problem with
Virus report storehouse, the representative system environment problem include multiple typical system environments problems and virus with virus base.Receive
Module 62 be used for reception system report on the system environments of client and the relevant information of Virus State.Computing module 63 is used
In the system environments and the relevant information of Virus State reported described in calculating and the multiple typical system environments problem and disease
The similarity of poison, select typical system environments problem and virus that similarity exceedes predetermined similarity.Searching modul 64 is used for
According to selected typical system environments problem with virus in the system problem with searching corresponding system in virus report storehouse
Problem and virus report.Recommending module 65 is used to recommend found system problem and virus report to the client.
In the present embodiment, system safety inspection device 60 further comprises:Judge execution module 66, it is described for judging
Whether client needs to show found system problem and virus report, if it is desired, is then searched in client display
The system problem and virus report arrived;Initiation module 67 is asked, for initiating to report the system problem and virus to client
Accuse the request evaluated;Evaluate receiving module 68, for receive client feedback to the system problem and virus report
Evaluation;Update module 69 is fed back, for received evaluation to be fed back into the system problem and virus report storehouse and root
The system problem and virus report storehouse are improved according to evaluation.
System safety inspection device in the present embodiment can automatically analyze the system problem of client and viral environment, lead to
Cross that analysis system reports on the system environments of client and the relevant information of Virus State, with the canonical system established in advance
Environmental problem is matched with virus base and corresponding system problem with virus report storehouse, to system corresponding to user's recommendation
Problem and virus report, it can not only increase degree of belief, raising user stickiness of the user to system safety inspection result, can also
User is helped to learn to understand basic system security knowledge.
It should be noted that each embodiment in this specification is described by the way of progressive, each embodiment weight
Point explanation is all difference with other embodiment, between each embodiment identical similar part mutually referring to.
For device class embodiment, because it is substantially similar to embodiment of the method, so description is fairly simple, related part is joined
See the part explanation of embodiment of the method.
It should be noted that herein, such as first and second or the like relational terms are used merely to a reality
Body or operation make a distinction with another entity or operation, and not necessarily require or imply and deposited between these entities or operation
In any this actual relation or order.Moreover, term " comprising ", "comprising" or its any other variant are intended to
Nonexcludability includes, so that process, method, article or device including a series of elements not only will including those
Element, but also the other element including being not expressly set out, or it is this process, method, article or device also to include
Intrinsic key element.In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that
Other identical element also be present in process, method, article or device including the key element.
One of ordinary skill in the art will appreciate that hardware can be passed through by realizing all or part of step of above-described embodiment
To complete, by program the hardware of correlation can also be instructed to complete, described program can be stored in a kind of computer-readable
In storage medium, storage medium mentioned above can be read-only storage, disk or CD etc..
The above described is only a preferred embodiment of the present invention, any formal limitation not is made to the present invention, though
So the present invention is disclosed above with preferred embodiment, but is not limited to the present invention, any to be familiar with this professional technology people
Member, without departing from the scope of the present invention, when the technology contents using the disclosure above make a little change or modification
For the equivalent embodiment of equivalent variations, as long as being the technical spirit pair according to the present invention without departing from technical solution of the present invention content
Any simple modification, equivalent change and modification that above example is made, in the range of still falling within technical solution of the present invention.
Claims (10)
- A kind of 1. system safety check method, it is characterised in that including:Establish representative system environment problem and virus base and corresponding system problem and virus report storehouse, the canonical system Environmental problem includes multiple typical system environments problems and virus with virus base;Reception system report on the system environments of client and the relevant information of Virus State;The system environments and the relevant information of Virus State that are reported described in calculating and the multiple typical system environments problem with The similarity of virus, select typical system environments problem and virus that similarity exceedes predetermined similarity;It is corresponding with lookup in virus report storehouse in the system problem according to selected typical system environments problem and virus System problem and virus report;Recommend found system problem and virus report to the client.
- 2. the method as described in claim 1, it is characterised in that the system environments on client that the reception system reports Include with the step of relevant information of Virus State:It will report and feed back to the representative system environment on the system environments of client and the relevant information of Virus State and ask Topic and virus base simultaneously update the representative system environment problem and virus base;Corresponding system problem and virus report storehouse are updated according to updated representative system environment problem and virus base.
- 3. the method as described in claim 1, it is characterised in that the system environments that is reported described in the calculating and Virus State The step of similarity of relevant information and the multiple typical system environments problem and virus, includes:By the system environments reported and the relevant information vector quantization of Virus State;By the typical system environments problem and Virus Info vector quantization;Calculate the system environments reported after vector quantization and the typical case after the relevant information and vector quantization of Virus State System environments problem and Virus Info cosine similarity;Selected cosine similarity exceedes the typical system environments problem and virus of predetermined similarity.
- 4. the method as described in claim 1, it is characterised in that described to recommend found system problem to the client With including afterwards the step of virus report:Judge whether the client needs to show found system problem and virus report, if it is desired, then in client End shows found system problem and virus report.
- 5. method as claimed in claim 4, it is characterised in that described to show found system problem and disease in client Include after the step of poison report:The request for initiating to evaluate the system problem and virus report to client;Receive the evaluation to the system problem and virus report of client feedback;Received evaluation is fed back into the system problem and virus report storehouse and the system problem is improved according to evaluation With virus report storehouse.
- A kind of 6. system safety inspection device, it is characterised in that including:Module is established, for establishing representative system environment problem and virus base and corresponding system problem and virus report Storehouse, the representative system environment problem include multiple typical system environments problems and virus with virus base;Receiving module, for reception system report on the system environments of client and the relevant information of Virus State;Computing module, for the relevant information for calculating the system environments reported and Virus State and the multiple typical system The similarity of environmental problem of uniting and virus, select typical system environments problem and virus that similarity exceedes predetermined similarity;Searching modul, the typical system environments problem selected for basis is with virus in the system problem and virus report storehouse It is middle to search corresponding system problem and virus report;Recommending module, for recommending found system problem and virus report to the client.
- 7. device as claimed in claim 6, it is characterised in that the receiving module includes:First update module, for feeding back to institute on the system environments of client and the relevant information of Virus State by what is reported State representative system environment problem and virus base and update the representative system environment problem and virus base;Second update module, asked for updating corresponding system with virus base according to updated representative system environment problem Topic and virus report storehouse.
- 8. device as claimed in claim 6, it is characterised in that the computing module includes:First vector quantization module, for by the relevant information vector quantization of the system environments reported and Virus State;Second vector quantization module, for by the typical system environments problem and Virus Info vector quantization;Cosine similarity computing module, for the system environments letter related to Virus State reported described in calculating after vector quantization Breath and the typical system environments problem and the cosine similarity of Virus Info after vector quantization;Chosen module, for selecting typical system environments problem and virus of the cosine similarity more than predetermined similarity.
- 9. device as claimed in claim 6, it is characterised in that described device further comprises:Judge execution module, for judging whether the client needs to show found system problem and virus report, If it is required, then found system problem and virus report are shown in client.
- 10. device as claimed in claim 9, it is characterised in that described device further comprises:Initiation module is asked, for the request for initiating to evaluate the system problem and virus report to client;Receiving module is evaluated, for receiving the evaluation to the system problem and virus report of client feedback;Update module is fed back, for received evaluation to be fed back into the system problem with virus report storehouse and according to evaluation Improve the system problem and virus report storehouse.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210314091.7A CN103678997B (en) | 2012-08-30 | 2012-08-30 | System safety check method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210314091.7A CN103678997B (en) | 2012-08-30 | 2012-08-30 | System safety check method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103678997A CN103678997A (en) | 2014-03-26 |
CN103678997B true CN103678997B (en) | 2017-12-01 |
Family
ID=50316514
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210314091.7A Active CN103678997B (en) | 2012-08-30 | 2012-08-30 | System safety check method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103678997B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7346928B1 (en) * | 2000-12-01 | 2008-03-18 | Network Appliance, Inc. | Decentralized appliance virus scanning |
CN101281571A (en) * | 2008-04-22 | 2008-10-08 | 白杰 | Method for defending unknown virus program |
CN101621511A (en) * | 2009-06-09 | 2010-01-06 | 北京安天电子设备有限公司 | Multilayer detecting method without local virus library and multilayer detecting system |
-
2012
- 2012-08-30 CN CN201210314091.7A patent/CN103678997B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7346928B1 (en) * | 2000-12-01 | 2008-03-18 | Network Appliance, Inc. | Decentralized appliance virus scanning |
CN101281571A (en) * | 2008-04-22 | 2008-10-08 | 白杰 | Method for defending unknown virus program |
CN101621511A (en) * | 2009-06-09 | 2010-01-06 | 北京安天电子设备有限公司 | Multilayer detecting method without local virus library and multilayer detecting system |
Non-Patent Citations (2)
Title |
---|
基于进化半监督模糊聚类算法的病毒检测研究;朱红斌 等;《计算技术与自动化》;20080315;第27卷(第01期);第104-106页 * |
恶意代码分类的研究与实现;方志鹤;《中国优秀硕士学位论文全文数据库 信息科技辑》;20120415;正文第53页第1段至第63页第1段 * |
Also Published As
Publication number | Publication date |
---|---|
CN103678997A (en) | 2014-03-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11086873B2 (en) | Query-time analytics on graph queries spanning subgraphs | |
CN103177075B (en) | The detection of Knowledge based engineering entity and disambiguation | |
CN102227725B (en) | System and method for matching entities | |
US9304979B2 (en) | Authorized syndicated descriptions of linked web content displayed with links in user-generated content | |
US9773272B2 (en) | Recommendation engine | |
US20160132800A1 (en) | Business Relationship Accessing | |
US9519718B2 (en) | Webpage information detection method and system | |
US9081814B1 (en) | Using an entity database to answer entity-triggering questions | |
US10825110B2 (en) | Entity page recommendation based on post content | |
US20150120451A1 (en) | Method and apparatus for acquiring merchant information | |
JP6758454B2 (en) | Social network search result presentation method and device, and storage medium | |
US20150242515A1 (en) | Mining Security Vulnerabilities Available from Social Media | |
US8973097B1 (en) | Method and system for identifying business records | |
US20120102057A1 (en) | Entity name matching | |
US20150348062A1 (en) | Crm contact to social network profile mapping | |
CN109446417B (en) | Intelligent retrieval method and device | |
CN108280102A (en) | Internet behavior recording method, device and user terminal | |
CN114154166A (en) | Abnormal data identification method, device, equipment and storage medium | |
US8738557B1 (en) | Detection of spam using contextual analysis of data sources | |
CN109885780A (en) | Data processing method and device | |
US20180165283A1 (en) | Performance improvement in data visualization filters | |
CN103678997B (en) | System safety check method and device | |
CN102622379A (en) | Real name detection method and equipment | |
US9461897B1 (en) | Monitoring and analysis of social network traffic | |
Huang et al. | A hybrid decision approach to detect profile injection attacks in collaborative recommender systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20230712 Address after: 518057 Tencent Building, No. 1 High-tech Zone, Nanshan District, Shenzhen City, Guangdong Province, 35 floors Patentee after: TENCENT TECHNOLOGY (SHENZHEN) Co.,Ltd. Patentee after: TENCENT CLOUD COMPUTING (BEIJING) Co.,Ltd. Address before: 2, 518044, East 403 room, SEG science and Technology Park, Zhenxing Road, Shenzhen, Guangdong, Futian District Patentee before: TENCENT TECHNOLOGY (SHENZHEN) Co.,Ltd. |
|
TR01 | Transfer of patent right |