CN107241334A - Network virus protection method and the router for network virus protection - Google Patents
Network virus protection method and the router for network virus protection Download PDFInfo
- Publication number
- CN107241334A CN107241334A CN201710461463.1A CN201710461463A CN107241334A CN 107241334 A CN107241334 A CN 107241334A CN 201710461463 A CN201710461463 A CN 201710461463A CN 107241334 A CN107241334 A CN 107241334A
- Authority
- CN
- China
- Prior art keywords
- virus
- network
- antivirus
- data
- router
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
Abstract
The network virus protection method of the present invention and the router for network virus protection, including:S1:Router monitoring by being provided with antivirus main program is provided with the terminal device of antivirus applet interface routine;S2:Router receives the data that antivirus applet interface routine is returned according to the Monitoring instruction of antivirus main program;S3:The data sent by antivirus main program to antivirus applet interface routine are detected, and send killing instruction to corresponding antivirus applet interface routine when detecting the presence of viral data.Advantage is:Antivirus operation is mainly completed by router, and the system operation resource occupation of terminal device is reduced, the operational efficiency of terminal device is improved.
Description
Technical field
The invention belongs to router field, more particularly to a kind of network virus protection method and for network virus protection
Router.
Background technology
People are using mobile phone or electricity often by the use of wireless routing as the bridge for being wiredly connected to wireless connection in life
When brain, wireless router is only merely that the wireless signal of handle machine or computer is converted into wire signal and is sent to cable network
Internet, or the wire signal that Internet transmission comes is converted into wireless signal is sent to mobile phone or computer.
With information-based development, network is ubiquitous, but the information security of network and electronic product is also more and more important,
Conventional anti-information is stolen, the method for anti-virus, anti-Trojan is exactly that antivirus software is installed in electronic product, is allowed to monitoring system
Run Scan for Viruses and wooden horse, protection information safety.
The existing this method for installing antivirus software protection information safety has a shortcoming, 1, existing technology is must be every
Individual electronic product terminal loads onto antivirus software, this method take electronic product system resource and to the electronic product of mini system without
Method is applicable;1st, when computer poisoning is serious, when antivirus software infects virus in itself, during antivirus software scanning electron production device data on the contrary
Alternative document can be infected, it is not smooth that irregular working of killing virus in addition can also be such that electronic product runs in itself.
In order to solve the above-mentioned technical problem, people have carried out long-term exploration, and such as Chinese patent discloses one kind and had
High-end firewall router [the application number of static packet screening function:CN201521070052.2], including machine case, in
Central processor, static packet screening chip, transmission antenna, machine case both sides are provided with heat emission hole, machine case front
Side is provided with working signal indicator lamp, and machine case upper side is provided with external connection port, and external connection port both sides are set
Have and central processing unit is installed inside transmission antenna, machine case, static packet screening core is provided with above central processing unit
It is provided with below piece, central processing unit on rear side of memory chip, central processing unit and is provided with integral control circuit plate, central processing unit
UNICOM's circuit is provided between memory chip, static packet screening chip.
For another example, it is a kind of based on the hierarchical protection inspection system and its application method [application number that check Knowledge Base Techniques:
CN201610091018.6], including instrument inspection management system and technology for detection tool storage room, it is characterised in that the instrument inspection
Looking into management system includes Index for examination storehouse, inspection knowledge base, human-computer interaction interface, system management module and special purpose interface, described
Human-computer interaction interface, for showing the content that important information system-based database issues and the work that technology for detection tool storage room is submitted
Tool checks data, and the function of checking knowledge elicitation and check data inputting is provided for inspection personnel;The Index for examination storehouse includes
Unit graduation protection work development condition of putting on record inspection, information system deciding grade and level put on record inspections, grade test and appraisal and Security Construction rectify and improve
Working condition inspection, information system key measures implementation of conditions, information system hierarchical protection management system implementation of conditions, letter
Cease security incident, emergency preplan, the scope of examination of incident investigation disposal and Index for examination;The inspection knowledge base, information is pacified
Implementation experience, expertise and the analysis model of congruent level protection check work are solidified, in the way of running background, for etc.
Level, which keeps the scene intact, checks that work provides unified specialty and checks knowledge and the intelligent analysis module of specialty analysis, checks that knowledge is pair
The refinement of the practical experience and knowledge of hierarchical protection work, works site inspection and carries out the guiding of clear and definite and specification;The system
System management module, checks that management system provides operation maintenance and supported for instrument, including configuration, user and log management, described special
With interface, put down for checking data interaction, the data submission of checking tool and being supervised with information system security between instrument
Data interaction between platform;The technology for detection tool storage room includes the standard configuration instrument and apolegamy instrument that hierarchical protection is checked, described
Standard configuration instrument includes:Windows main frame configuration inspection instruments, for being configured to the main frame for installing Windows operating system
The instrument of information automation collection;Linux main frame configuration inspection instruments, for being carried out to the main frame for installing (SuSE) Linux OS
The instrument of configuration information automation collection;Network and safety means configuration inspection instrument, for router, interchanger and fire prevention
Wall carries out the instrument of configuration information automation collection;Virus checking instrument, for checking Windows operating system with the presence or absence of disease
The instrument of poison;Wooden horse checking tool, the instrument of wooden horse is whether there is in inspection Windows operating system;Website malicious code inspection
Instrument is looked into, for checking whether ASP, ASPX, JSP, PHP, CSS strategy infect or in the presence of malice in WEB server directory path
The instrument of code;The apolegamy instrument includes weak passwurd checking tool and leak checking tool, and the weak passwurd checking tool is used
In inspection SMB, MSSQL, FTP, MYSQL, Oracle, RDP, POP3, SSH, HTTP, Telnet, VNC and SysBase application clothes
Instrument of the business with the presence or absence of weak passwurd;The leak checking tool includes database security checking tool and industrial control system is examined
Survey instrument, the database security checking tool is used for the instrument for checking that database whether there is security vulnerabilities;The industry control
System detectio instrument processed, for carrying out safety detection to the PLC leaks in industrial control system and finding that the safety that PLC is present is leaked
Hole.
Above-mentioned two scheme installs viral hook procedure on the router, and solving prior art must be at each end
The defect of antivirus software is installed on end, ensures the operational efficiency of terminal while reaching anti-internet worm purpose, but still deposit
In segmental defect, for example, can only be to being intercepted by the internet worm of router, it is impossible to which the virus to the presence in terminal is entered
Row killing etc..
The content of the invention
Regarding the issue above, the present invention provides a kind of can recognize and the viral network virus protection side of killing
Method;
It is another object of the present invention in view of the above-mentioned problems, provide it is a kind of with internet worm identification function be used for network
The router of antivirus protection;
To reach above-mentioned purpose, present invention employs following technical proposal:
A kind of network virus protection method, comprises the following steps:
S1:Router monitoring by being provided with antivirus main program is provided with the terminal device of antivirus applet interface routine;
S2:Router receives the data that antivirus applet interface routine is returned according to the Monitoring instruction of antivirus main program;
S3:The data sent by antivirus main program to antivirus applet interface routine are detected, and are detecting the presence of disease
During malicious data killing instruction is sent to corresponding antivirus applet interface routine.
By above-mentioned technical proposal, antivirus operation is mainly completed by router, and the system operation resource to terminal device is accounted for
With reduction, the operational efficiency of terminal device is improved.
In above-mentioned network virus protection method, described router is by the scanning imaging system for main program of killing virus to corresponding
Terminal device is scanned monitoring, Viral diagnosis is carried out to scan data by the virus checker of antivirus applet, by killing
The checking and killing virus program of malicious main program is handled the viral data detected.
In above-mentioned network virus protection method, in step sl, described antivirus main program is swept by wireless network
The running status and related data for the terminal device for being provided with antivirus applet interface routine is retouched to carry out corresponding terminal device
Scanning monitoring.
In above-mentioned network virus protection method, in step s3, described antivirus main program by feature code method,
Examine is to detect terminal device with any one or more method for detecting virus in method, behavior monitoring method and software simulation method
It is no to there are viral data.
In above-mentioned network virus protection method, in step sl, described antivirus main program to described by killing
Malicious program interface routines, which are sent, makes antivirus applet interface routine perform the data deleted and have virus characteristic in corresponding terminal equipment
Operation killing instruction viral data are handled.
In above-mentioned network virus protection method, before step S1, in addition to:
Router sets up the virus characteristic information network table for storing virus characteristic information in network, and is led by killing virus
The network access data that sequential monitoring passes through the router.
In above-mentioned network virus protection method, when existing by the network access of router, router is by network
The uplink network data of access and/or the network data of downstream station equipment and the virus characteristic in virus characteristic information network table
Information is matched, after the match is successful, and the network data that the match is successful is intercepted.
In above-mentioned network virus protection method, described router is detecting the presence of the new virus in terminal device
Afterwards, the new virus characteristic information is added in virus characteristic information network table.
A kind of router for network virus protection, including the wireless router of antivirus module is installed, described kills
Malicious module includes scan module, anti-viral detection module and checking and killing virus module, wherein,
Scan module:Running status and related data for the terminal device descending to router are scanned;
Anti-viral detection module:It whether there is viral number for being detected to scanning information to monitor corresponding terminal device
According to;
Checking and killing virus module:The terminal device is deleted for being assigned to the viral removing module on corresponding terminal device
The instruction of corresponding virus data.
In the above-mentioned router for network virus protection, described wireless router also includes:
Virus characteristic information network table:For storing internet worm characteristic information;
Matching module:For by the network data of uplink network data and/or downstream station equipment and virus characteristic information
Virus characteristic information in net list is matched;
Blocking module:For according to matching result and/or Viral diagnosis result by uplink network data and/or downstream station
Viral data in the network data of equipment are intercepted;
Virus characteristic information network table update module:New discovery disease on the terminal device descending for being included within router
The new virus characteristic information of the virus characteristic information of poison is added in virus characteristic information network table.
Inventive network antivirus protection method and for network virus protection router compared to prior art have with
Lower advantage:1st, the system operation resource of antivirus applet occupied terminal product is reduced, the speed of service of end product is improved;2nd, pass through
The major part of main program is installed on the router by the data isolation of antivirus applet and terminal device, it is ensured that antivirus applet
Itself is clean, will not be because itself is infected and influences the data of terminal device.
Brief description of the drawings
Fig. 1 is the method flow diagram of the embodiment of the present invention one;
Fig. 2 is the Part Methods flow chart of the embodiment of the present invention two;
Fig. 3 is the system block diagram of the embodiment of the present invention three.
Reference:Wireless router 1;Virus characteristic information network table 11;Matching module 12;Blocking module 13;Virus
Characteristic information net list update module 14;Antivirus module 2;Scan module 21;Anti-viral detection module 22;Checking and killing virus module 23;
Terminal device 3;Viral removing module 4.
Embodiment
Virus precaution and management of the present invention suitable for radio-based electronic devices, can solve the problem that prior art will whole viral journey
Sequence is installed on the terminal device, causes occupied terminal device resource excessive, and virus is polluted in itself produces to terminal device data
The problems such as raw influence.
The following is the preferred embodiments of the present invention and with reference to accompanying drawing, technical scheme is further described,
But the present invention is not limited to these embodiments.
Embodiment one
As shown in figure 1, present embodiment discloses a kind of network virus protection method, including:
S1:Router monitoring by being provided with antivirus main program is provided with the terminal device 3 of antivirus applet interface routine;
S2:Antivirus applet interface routine is received by the antivirus applet main program of router according to the monitoring of antivirus main program to be referred to
Make the data returned;
S3:The data sent by antivirus main program to antivirus applet interface routine are detected, and are detecting the presence of disease
During malicious data killing instruction is sent to corresponding antivirus applet interface routine.
Wherein, router is scanned monitoring by the scanning imaging system for main program of killing virus to corresponding terminal equipment 3, by killing
The virus checker of malicious program carries out Viral diagnosis to scan data, by the checking and killing virus program for main program of killing virus to detection
To viral data handled.
Further, the scanning imaging system of antivirus main program is provided with antivirus applet interface routine by wireless network scan
The running status and related data of terminal device 3 are scanned monitoring to corresponding terminal device 3.
Similarly, the checking and killing virus program of antivirus main program makes antivirus by being sent to described antivirus applet interface routine
The killing that program interface routines perform the operation for deleting the data in corresponding terminal equipment 3 with virus characteristic is instructed with to virus
Data are handled;
Similarly, the virus checker of antivirus main program passes through feature code method, inspection and method, behavior monitoring method and soft
Any one or more method for detecting virus in part simulation is to detect that terminal device 3 whether there is viral data;Wherein
Feature code method:
Feature code method is applied in the famous virus detection tools such as SCAN, CPAV by early stage.
Feature code method realizes that step is as follows:
Known viruse sample is gathered, if virus both infects command file, EXE files are infected again, will be simultaneously to this virus
Gather COM types Virus Sample and EXE type Virus Samples.
In Virus Sample, extraction feature code.According to following principle:
The code of extraction is more special, unlikely to be coincide with common regular program code.The code of extraction has appropriate
Length, on the one hand maintains the uniqueness of feature code, on the other hand again without too big spatiotemporal expense.If a kind of
The feature code of virus increases a byte, to detect 3000 kinds of viruses, increased space is exactly 3000 bytes.Keeping uniqueness
On the premise of, make feature code length shorter as far as possible, to reduce space and time overhead.
In not only infecting command file but also infecting the Virus Sample of EXE files, the shared code of two kinds of samples is extracted, by spy
Levy code and include virus database.
Open and be detected file, search for hereof, check in file whether contain the virus characteristic in virus database
Code, if it find that virus pattern code, because feature code is corresponded with virus, just suffers from it can be concluded that being looked into file
There is which kind of virus.
The characteristics of feature code method is:
A. speed is slow
With increasing for viral species, retrieval time is elongated.If retrieving 5000 kinds of viruses, it is necessary to special to 5000 viruses
Levy code to check one by one, be further added by if virus plants number, the time overhead of inspection virus just becomes very considerable;
B. false alarm rate is low;
C. polymorphism virus can not be detected;
D. disguised virus is not can do with.
Verification and method:
By the content of normal file, calculate its verification and, in the verification and write-in file or will write in other file and protect
Deposit, during file use, regularly or every time using before file, check verification that the present content of file is calculated and with it is original
The verification of preservation with it is whether consistent, thus can be found that file whether infect.
Examine and method can not only find known viruse but also can find unknown virus.In the later stage version of SCAN and CPAV instruments
In addition to virus pattern code method, verification and method are also included, to improve its detectability.
Verification and method can find known viruse, can also find unknown virus, still, and it can not recognize virus type, it is impossible to
Virus Name is quoted, due to virus infection his unique non-property reason that not file content changes, the change of file content has
It is probably caused by normal procedure, so verification and method easily produce false alarm.
As feature code method, verification and method also can not produce influence to disguised virus.
Virus is looked into using three kinds of modes with verification and method:
1. verification and method are included in detection antivirus tool, calculates the obj ect file looked into the verification of its normal condition
With, by checksum value write-in looked into file or detection instrument in, be then compared.
2. in the application, verification and method self-examination function are put into, by the verification of file normal condition and write-in text
Part in itself in, whenever application program launching, relatively it is existing verification and with former checksum value, realize the Autonomous test of application program.
3. it will verify and check program resident internal memory, when bringing into operation application program, automatic audit by comparison application journey
The verification that is pre-saved inside sequence or in other file and.
Verification and the advantage of method are:Method is simple, can find unknown virus, being looked into the slight change of file can also find;
Verification and the shortcoming of method are:The verification of the current record normal state of issue and, can false alarm, viral name can not be recognized
Claim, not can do with hidden-type virus.
Behavior monitoring method:
A kind of method that virus is monitored using viral peculiar behavioural characteristic.
Because some behaviors are the joint acts of virus, and compare special, in normal procedure, these behaviors are more rare
See, so, when the program is run, its behavior is monitored, if it find that virus behavior, alarms immediately.
These are as follows as the behavioural characteristic of monitoring virus:
A. INT 13H are occupied
All boot-type virus, all attack Boot sectors or MBS.When system starts, as Boot sectors or master
When boot sector obtains right of execution, system just goes into operation.General boot-type virus can all take INT 13H functions, because other
Systemic-function is not provided with, it is impossible to utilized, and boot-type virus occupy INT 13H functions, and the required code of virus is placed wherein.
B. the memory amount that DOS systems are data field is changed
After viral memory-resident, in order to prevent that DOS systems from being covered, it is necessary to change Installed System Memory total amount.
C. write activity is done to COM, EXE file
Virus will infect, it is necessary to write COM, EXE file.
D. the switching of Virus and host program
In the operation of contamination program, virus is first run, host program is then performed.When both switch, there is many features row
For.
The advantage of behavior monitoring method:Unknown virus can be found, unknown majority virus can be reasonably accurately forecast;
The shortcoming of behavior monitoring method:Possible false alarm, Virus Name can not be recognized.
Software simulation method:Comprehensive a variety of method for detecting virus.
Software simulation method advantage:Judgement to virus is most strong;
Software simulation method shortcoming:Sweep speed is slow.
The present embodiment is divided on router and terminal device 3 respectively by the way that antivirus applet is divided into two parts, antivirus
The monitoring and antivirus of program are completed by router, and the antivirus part of terminal device 3 need to only be held according to the antivirus applet on router
Row retains or deleted instruction, reduces antivirus applet and antivirus operation to the occupancy of the system operation resource of terminal device 3, improves
The speed of service of terminal device 3, meanwhile, by the way that the major part of antivirus applet is installed on the router, the number with terminal device 3
According to being isolated, antivirus applet clean in itself is kept, more the data of terminal device 3 will not be influenceed because itself is infected.
Embodiment two
As shown in Fig. 2 the present embodiment is similar with embodiment one, difference is, the present embodiment is before step S1, also
Comprise the following steps:
Router sets up the virus characteristic information network table 11 for storing virus characteristic information in network, and passes through antivirus
The network access data that main program monitoring passes through the router:Router is by uplink network data of network access and/or descending
The network data of terminal device 3 is matched with the virus characteristic information in virus characteristic information network table 11, when the match is successful
Afterwards, the network data that the match is successful is intercepted.
Preferably, router is being detected the presence of after the new virus of terminal device 3, and the new virus characteristic information is added
Enter into virus characteristic information network table 11 with the virus characteristic information network table 11 for router of enriching constantly in order to which next time is sent out
Existing similar virus is directly intercepted or killing operation.
In the present embodiment, the interception to network data will be completed by router itself, the disease that router is set up by oneself
Malicious characteristic information is intercepted and mistake to the fishing website or wooden horse website data that are sent to the descending terminal device 3 of router
Filter, is allowed to not influence the use of terminal electronic product, while intercepting the virus that downstream station equipment 3 is carried itself, makes virus, wood
Horse is without normal direction Internet communication, while the virus that downstream station equipment 3 is carried itself is carried out into killing by the method for embodiment one.
Embodiment three
As shown in figure 3, carrying out disease present embodiment discloses a kind of method using described in embodiment one or embodiment two
Poison protection, the router for network virus protection of killing, it includes the wireless router 1 for being provided with antivirus module, antivirus
Module 2 includes scan module 21, anti-viral detection module 22 and checking and killing virus module 23, wherein,
Scan module 21:Running status and related data for the terminal device 3 descending to router are scanned, this
In embodiment, the descending terminal device 3 of router is also known as downstream station equipment 3;
Anti-viral detection module 22:It whether there is disease for being detected to scanning information to monitor corresponding terminal device 3
Malicious data;
Checking and killing virus module 23:For to the viral removing module 4 on corresponding terminal device 3 assign deletion the terminal set
The instruction of corresponding viral data on standby 3.
Further, wireless router 1 also includes:
Virus characteristic information network table 11:For storing internet worm characteristic information;
Matching module 12:For the network data of uplink network data and/or downstream station equipment 3 and virus characteristic to be believed
Virus characteristic information in breath net list 11 is matched;
Blocking module 13:For according to matching result and/or Viral diagnosis result by uplink network data and/or descending end
Viral data in the network data of end equipment 3 are intercepted;
Virus characteristic information network table update module 14:Newly sent out on the terminal device 3 descending for being included within router
The new virus characteristic information of the virus characteristic information of existing virus is added in virus characteristic information network table 11.
Specific embodiment described herein is only to spirit explanation for example of the invention.Technology neck belonging to of the invention
The technical staff in domain can be made various modifications or supplement to described specific embodiment or be replaced using similar mode
Generation, but without departing from the spiritual of the present invention or surmount scope defined in appended claims.
Although more having used wireless router 1 herein;Virus characteristic information network table 11;Matching module 12;Intercept
Module 13;Virus characteristic information network table update module 14;Antivirus module 2;Scan module 21;Anti-viral detection module 22;Virus
Killing module 23;Terminal device 3;The viral grade of removing module 4 term, but it is not precluded from the possibility using other terms.Use
These terms are used for the purpose of more easily describing and explaining the essence of the present invention;It is construed as any additional limit
System is all disagreed with spirit of the present invention.
Claims (10)
1. a kind of network virus protection method, it is characterised in that comprise the following steps:
S1:Router monitoring by being provided with antivirus main program is provided with the terminal device (3) of antivirus applet interface routine;
S2:Router receives the data that antivirus applet interface routine is returned according to the Monitoring instruction of antivirus main program;
S3:The data sent by antivirus main program to antivirus applet interface routine are detected, and are detecting the presence of viral number
According to when to corresponding antivirus applet interface routine send killing instruction.
2. network virus protection method according to claim 1, it is characterised in that described router passes through main journey of killing virus
The scanning imaging system of sequence is scanned monitoring to corresponding terminal equipment (3), by the virus checker of antivirus applet to scanning number
According to Viral diagnosis is carried out, the viral data detected are handled by the checking and killing virus program for main program of killing virus.
3. network virus protection method according to claim 1 or 2, it is characterised in that in step sl, described antivirus
Main program is provided with the running status and related data of the terminal device (3) of antivirus applet interface routine by wireless network scan
Monitoring is scanned to corresponding terminal device (3).
4. network virus protection method according to claim 1 or 2, it is characterised in that in step s3, described antivirus
Main program is examined by any one or more virus in feature code method, inspection and method, behavior monitoring method and software simulation method
Survey method is to detect that terminal device (3) whether there is viral data.
5. network virus protection method according to claim 2, it is characterised in that in step sl, described antivirus master
Program makes antivirus applet interface routine perform deletion corresponding terminal equipment (3) by being sent to described antivirus applet interface routine
The killing of the operation of the upper data with virus characteristic instructs to handle viral data.
6. network virus protection method according to claim 1, it is characterised in that before step S1, in addition to:
Router sets up the virus characteristic information network table (11) for storing virus characteristic information in network, and is led by killing virus
The network access data that sequential monitoring passes through the router.
7. network virus protection method according to claim 6, it is characterised in that visited when there is the network by router
When asking, router believes the network data of the uplink network data of network access and/or downstream station equipment (3) and virus characteristic
Virus characteristic information in breath net list (11) is matched, and after the match is successful, the network data that the match is successful is blocked
Cut.
8. network virus protection method according to claim 6, it is characterised in that described router is being detected the presence of
After the new virus of terminal device (3), the new virus characteristic information is added in virus characteristic information network table (11).
9. a kind of router for network virus protection, it is characterised in that the wireless routing including being provided with antivirus module (2)
Device (1), described antivirus module (2) includes scan module (21), anti-viral detection module (22) and checking and killing virus module (23), its
In,
Scan module (21):It is scanned for running status and related data to the descending terminal device of router (3);
Anti-viral detection module (22):It whether there is disease for being detected to scanning information to monitor corresponding terminal device (3)
Malicious data;
Checking and killing virus module (23):The terminal is deleted for being assigned to the viral removing module (4) on corresponding terminal device (3)
The instruction of corresponding virus data in equipment (3).
10. the router according to claim 9 for network virus protection, it is characterised in that described wireless routing
Device (1) also includes:
Virus characteristic information network table (11):For storing internet worm characteristic information;
Matching module (12):For the network data of uplink network data and/or downstream station equipment (3) and virus characteristic to be believed
Virus characteristic information in breath net list (11) is matched;
Blocking module (13):For according to matching result and/or Viral diagnosis result by uplink network data and/or downstream station
Viral data in the network data of equipment (3) are intercepted;
Virus characteristic information network table update module (14):Newly sent out for being included within the descending terminal device of router (3)
The new virus characteristic information of the virus characteristic information of existing virus is added in virus characteristic information network table (11).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710461463.1A CN107241334A (en) | 2017-06-16 | 2017-06-16 | Network virus protection method and the router for network virus protection |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710461463.1A CN107241334A (en) | 2017-06-16 | 2017-06-16 | Network virus protection method and the router for network virus protection |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107241334A true CN107241334A (en) | 2017-10-10 |
Family
ID=59987154
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710461463.1A Pending CN107241334A (en) | 2017-06-16 | 2017-06-16 | Network virus protection method and the router for network virus protection |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107241334A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108197465A (en) * | 2017-11-28 | 2018-06-22 | 中国科学院声学研究所 | A kind of network address detection method and device |
CN108418804A (en) * | 2018-02-05 | 2018-08-17 | 四川斐讯信息技术有限公司 | A kind of anti-virus router, system and method |
CN112118220A (en) * | 2020-08-06 | 2020-12-22 | 福建中信网安信息科技有限公司 | Network security level protection evaluation method and system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101399786A (en) * | 2007-09-29 | 2009-04-01 | 华为技术有限公司 | Method, apparatus and system for network safe transmission |
US20130170492A1 (en) * | 2010-08-06 | 2013-07-04 | Dorian Lu | Communication method and system for a novel network |
CN103916451A (en) * | 2013-12-25 | 2014-07-09 | 武汉安天信息技术有限责任公司 | Security center system for intelligent terminal devices on basis of internet of things |
CN103929323A (en) * | 2013-12-16 | 2014-07-16 | 汉柏科技有限公司 | Health degree monitoring method of cloud network equipment |
CN105119943A (en) * | 2015-09-21 | 2015-12-02 | 上海斐讯数据通信技术有限公司 | Network virus prevention method, network virus prevention router and network virus prevention system |
-
2017
- 2017-06-16 CN CN201710461463.1A patent/CN107241334A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101399786A (en) * | 2007-09-29 | 2009-04-01 | 华为技术有限公司 | Method, apparatus and system for network safe transmission |
US20130170492A1 (en) * | 2010-08-06 | 2013-07-04 | Dorian Lu | Communication method and system for a novel network |
CN103929323A (en) * | 2013-12-16 | 2014-07-16 | 汉柏科技有限公司 | Health degree monitoring method of cloud network equipment |
CN103916451A (en) * | 2013-12-25 | 2014-07-09 | 武汉安天信息技术有限责任公司 | Security center system for intelligent terminal devices on basis of internet of things |
CN105119943A (en) * | 2015-09-21 | 2015-12-02 | 上海斐讯数据通信技术有限公司 | Network virus prevention method, network virus prevention router and network virus prevention system |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108197465A (en) * | 2017-11-28 | 2018-06-22 | 中国科学院声学研究所 | A kind of network address detection method and device |
CN108197465B (en) * | 2017-11-28 | 2020-12-08 | 中国科学院声学研究所 | Website detection method and device |
CN108418804A (en) * | 2018-02-05 | 2018-08-17 | 四川斐讯信息技术有限公司 | A kind of anti-virus router, system and method |
CN112118220A (en) * | 2020-08-06 | 2020-12-22 | 福建中信网安信息科技有限公司 | Network security level protection evaluation method and system |
CN112118220B (en) * | 2020-08-06 | 2022-09-06 | 福建中信网安信息科技有限公司 | Network security level protection evaluation method and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107231360A (en) | Network virus protection method, safe wireless router and system based on cloud network | |
CN104283889B (en) | APT attack detectings and early warning system inside electric system based on the network architecture | |
KR101679578B1 (en) | Apparatus and method for providing controlling service for iot security | |
CN108347430A (en) | Network invasion monitoring based on deep learning and vulnerability scanning method and device | |
US11956208B2 (en) | Graphical representation of security threats in a network | |
CN104038466B (en) | Intruding detection system, method and apparatus for cloud computing environment | |
CN112184091B (en) | Industrial control system security threat assessment method, device and system | |
US20110307956A1 (en) | System and method for analyzing malicious code using a static analyzer | |
CN107743701A (en) | The global clustering to event based on Malware similitude and online degree of belief | |
JP6408395B2 (en) | Blacklist management method | |
CN112799358B (en) | Industrial control safety defense system | |
US10033761B2 (en) | System and method for monitoring falsification of content after detection of unauthorized access | |
CN109063486B (en) | Safety penetration testing method and system based on PLC equipment fingerprint identification | |
CN114598525A (en) | IP automatic blocking method and device for network attack | |
KR101788410B1 (en) | An analysis system of security breach with analyzing a security event log and an analysis method thereof | |
CN107241334A (en) | Network virus protection method and the router for network virus protection | |
CN104486320B (en) | Intranet sensitive information leakage evidence-obtaining system and method based on sweet network technology | |
CN113158197B (en) | SQL injection vulnerability detection method and system based on active IAST | |
US11500987B2 (en) | Incident effect range estimation device, incident effect range estimation method, storage medium, and system | |
CN103975331B (en) | It is incorporated with the safe data center's infrastructure management system for being managed infrastructure equipment | |
CN114584405A (en) | Electric power terminal safety protection method and system | |
CN103581185A (en) | Cloud searching and killing method, device and system for resisting anti-antivirus test | |
CN108989294A (en) | A kind of method and system for the malicious user accurately identifying website visiting | |
CN112948821A (en) | APT detection early warning method | |
CN113132318A (en) | Active defense method and system for information safety of power distribution automation system master station |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171010 |