CN110610087A - Data acquisition safety detection method and device - Google Patents


Info

Publication number
CN110610087A
Authority
CN
China
Prior art keywords
acquisition
detection method
data acquisition
antivirus
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910840257.0A
Other languages
Chinese (zh)
Inventor
周成
张永强
李小伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Dameng Database Co Ltd
Original Assignee
Wuhan Dameng Database Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Dameng Database Co Ltd filed Critical Wuhan Dameng Database Co Ltd
Priority to CN201910840257.0A priority Critical patent/CN110610087A/en
Publication of CN110610087A publication Critical patent/CN110610087A/en
Pending legal-status Critical Current


Classifications

    • G - PHYSICS
    • G06 - COMPUTING; CALCULATING OR COUNTING
    • G06F - ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 - Detecting local intrusion or implementing counter-measures
    • G06F21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/568 - Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files


Abstract

The invention relates to the technical field of data security and discloses a data acquisition security detection method comprising the following steps: accessing a software development kit of a third-party antivirus tool; while a collection object is being collected, uploading it in real time to an antivirus middleware of the third-party antivirus engine and scanning it through the antivirus middleware; acquiring the scanning result of the third-party antivirus engine; and, when the scanning result indicates that a virus is present, isolating the collection object and terminating the collection operation. The technical effect of the invention is to ensure the security of data acquisition.

Description

Data acquisition safety detection method and device
Technical Field
The invention relates to the technical field of data security, in particular to a data acquisition security detection method and device.
Background
During data acquisition, the acquired objects usually carry potential security risks. A collection object is offline data relative to the internal collection network. If security detection is performed on it directly inside the internal collection network, the risk is brought into that network: when the collection object carries a virus, the internal collection network is directly affected.
Disclosure of Invention
The invention aims to overcome the technical defects, provides a data acquisition safety detection method and a data acquisition safety detection device, and solves the technical problem that safety detection cannot be performed during data acquisition in the prior art.
In order to achieve the technical purpose, the technical scheme of the invention provides a data acquisition safety detection method, which comprises the following steps:
accessing a software development kit of a third-party antivirus tool;
while a collection object is being collected, uploading it in real time to an antivirus middleware of the third-party antivirus engine, and scanning it through the antivirus middleware;
acquiring the scanning result of the third-party antivirus engine;
and, when the scanning result indicates that a virus is present, isolating the collection object and terminating the collection operation.
The invention also provides a data acquisition safety detection device, which comprises a processor and a memory, wherein the memory is stored with a computer program, and the computer program is executed by the processor to realize the data acquisition safety detection method.
The invention also provides a computer storage medium on which a computer program is stored, wherein the computer program is executed by a processor to realize the data acquisition safety detection method.
Compared with the prior art, the invention has the beneficial effects that: according to the invention, the detection of the collected object is realized by accessing the third-party antivirus engine, so that the safety detection of the collected object can be completed in an independent network environment, and data with viruses cannot be introduced into an internal collection network environment, thereby solving the problem that the existing data collection system can only collect data and cannot perform safety detection on the collected object.
Drawings
Fig. 1 is a flowchart of an embodiment of a data acquisition security detection method provided in the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Example 1
As shown in fig. 1, embodiment 1 of the present invention provides a data acquisition security detection method, which is hereinafter referred to as a method for short, and includes the following steps:
S1, accessing a software development kit of the third-party antivirus tool;
S2, while the collection object is being collected, uploading it in real time to an antivirus middleware of the third-party antivirus engine, and scanning it through the antivirus middleware;
S3, acquiring the scanning result of the third-party antivirus engine;
S4, when the scanning result shows that a virus is present, isolating the collection object and terminating the collection operation.
While the collection object is being collected, it is uploaded in real time to the antivirus middleware of the third-party antivirus engine and scanned there. The Software Development Kit (SDK) of the third-party antivirus software is integrated, and through the SDK interface the collected object is uploaded to the antivirus middleware for security scanning. The third-party antivirus engine exchanges scanning result information with the data acquisition system and sends the scanning result to it. Once the antivirus middleware identifies a collection object carrying a virus, that object is isolated and the collection operation is stopped immediately.
The data acquisition system embeds the connection to the third-party antivirus engine, so that all kinds of offline data can be checked. Detection takes place in an independent third-party network environment, which serves users who have security requirements for the data acquisition process, and data carrying viruses is not brought into the collection network environment of the data acquisition system. This solves the problem that conventional data acquisition systems can only acquire data and cannot perform security detection on the acquired object, and it unifies data acquisition and data security in a new combined mode.
Preferably, the obtaining of the scanning result of the third-party antivirus engine specifically includes:
and acquiring the scanning result of the third-party antivirus engine through a miler network protocol.
During scanning, the antivirus middleware returns the scanning result through the public cloud of the third-party antivirus engine and the local engine. The acquisition system sends the collection object to the antivirus middleware through the miler network protocol and acquires the scanning result from the antivirus middleware.
Preferably, the scanning result comprises a risk type, an object name and a character string type.
The data acquisition system obtains, through the antivirus middleware, the risk type, the object name and the string type in the scanning result, and uses the scanning result to identify the collection object carrying the virus, so that this object can be isolated and its collection process terminated.
Preferably, isolating the acquisition object specifically comprises:
isolating the collection object carrying the virus in the third-party antivirus engine, and isolating it in the data acquisition system.
The collection object carrying the virus is isolated so that it does not affect the third-party antivirus engine or the data acquisition system.
Preferably, the terminating the collecting operation specifically comprises:
terminating the collection operation of the data collection system.
When a collection object carrying a virus is found by the scan, the data collection operation is stopped to prevent the virus from spreading further.
Preferably, the method further includes recording a virus message in an acquisition log of the data acquisition system when the scanning result indicates that a virus exists.
When a collection object carrying a virus is found by the scan, the virus message is recorded in the acquisition log, so that the virus can be analysed and handled on the basis of that log. The virus message includes a risk type, an object name, and a string type. Specifically, when a collection object carrying a virus is found, alarm information is sent to the data acquisition system to serve as a warning.
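The S1 to S4 flow with the isolation and logging steps, written out in Python as an added example (not code from the patent or from any antivirus SDK). `stub_scan` is a hypothetical stand-in for the vendor middleware call, the marker and sample files are constructed, local directories stand in for the independent scanning environment and the internal collection network, and treating a scanner error as a detection is a choice of this example; isolation is done on the acquisition side only.

```python
import logging
import shutil
import tempfile
from dataclasses import dataclass
from pathlib import Path

log = logging.getLogger("collection")  # stands in for the acquisition log


@dataclass
class ScanResult:
    infected: bool
    risk_type: str = ""
    object_name: str = ""
    string_type: str = ""  # not defined further in the patent; free text here


def stub_scan(name, data):
    """Hypothetical stand-in for the vendor SDK/middleware call (S2, S3)."""
    marker = b"CONSTRUCTED-TEST-MARKER"  # constructed, not a real signature
    if marker in data:
        return ScanResult(True, "test-virus", name, marker.decode())
    return ScanResult(False, object_name=name)


def collect(sources, staging, quarantine, internal, scan=stub_scan):
    """Return (accepted_names, hit); hit is the ScanResult that ended the run."""
    accepted = []
    for src in sources:
        staged = Path(staging) / Path(src).name
        shutil.copy2(src, staged)  # object is staged outside the internal store
        try:
            result = scan(staged.name, staged.read_bytes())
        except Exception as exc:  # scanner failure: fail closed, treat as a hit
            result = ScanResult(True, "scan-error", staged.name, str(exc))
        if result.infected:  # S4: isolate, record the virus message, terminate
            shutil.move(str(staged), str(Path(quarantine) / staged.name))
            log.warning("virus message: risk_type=%s object_name=%s string_type=%s",
                        result.risk_type, result.object_name, result.string_type)
            return accepted, result
        shutil.move(str(staged), str(Path(internal) / staged.name))
        accepted.append(staged.name)
    return accepted, None


def demo():
    """Run the gate over three constructed sample objects in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        dirs = {n: root / n for n in ("offline", "staging", "quarantine", "internal")}
        for d in dirs.values():
            d.mkdir()
        samples = [("a.csv", b"id,value\n1,2\n"),
                   ("b.bin", b"xx CONSTRUCTED-TEST-MARKER xx"),
                   ("c.csv", b"id,value\n3,4\n")]
        sources = []
        for name, data in samples:
            (dirs["offline"] / name).write_bytes(data)
            sources.append(dirs["offline"] / name)
        accepted, hit = collect(sources, dirs["staging"], dirs["quarantine"], dirs["internal"])
        listing = {n: sorted(p.name for p in d.iterdir()) for n, d in dirs.items()}
        return accepted, hit, listing


if __name__ == "__main__":
    print(demo())
```

The third object is never staged: collection stops at the first detection, so nothing after the flagged object reaches either the staging or the internal directory.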
Example 2
Embodiment 2 of the present invention provides a data acquisition security detection apparatus, which includes a processor and a memory, where the memory stores a computer program, and when the computer program is executed by the processor, the data acquisition security detection method provided in the above embodiments is implemented.
Specifically, the data acquisition safety detection method comprises the following steps:
accessing a third-party antivirus tool, and uploading a collected object to the third-party antivirus engine for safety scanning;
acquiring a scanning result of the third-party antivirus engine;
and when the scanning result is that viruses exist, isolating the acquisition object and terminating the acquisition operation.
The data acquisition safety detection device provided by this embodiment is used to implement the data acquisition safety detection method and therefore has the same technical effects as the method; the details are not repeated here.
Example 3
Embodiment 3 of the present invention provides a computer storage medium on which a computer program is stored, and when the computer program is executed by a processor, the data acquisition security detection method provided by the above embodiments is implemented.
Specifically, the data acquisition safety detection method comprises the following steps:
accessing a third-party antivirus tool, and uploading a collected object to the third-party antivirus engine for safety scanning;
acquiring a scanning result of the third-party antivirus engine;
and when the scanning result is that viruses exist, isolating the acquisition object and terminating the acquisition operation.
The computer storage medium provided by the embodiment of the invention is used for realizing the data acquisition safety detection method, so that the computer storage medium has the technical effects of the data acquisition safety detection method, and the details are not repeated herein.
The above-described embodiments of the present invention should not be construed as limiting the scope of the present invention. Any other corresponding changes and modifications made according to the technical idea of the present invention should be included in the protection scope of the claims of the present invention.

Claims (8)

1. A data acquisition safety detection method is characterized by comprising the following steps:
accessing a software development kit of a third-party antivirus tool;
while a collection object is being collected, uploading it in real time to an antivirus middleware of the third-party antivirus engine, and scanning it through the antivirus middleware;
acquiring a scanning result of the third-party antivirus engine;
and when the scanning result is that viruses exist, isolating the acquisition object and terminating the acquisition operation.
2. The data acquisition security detection method of claim 1, wherein the obtaining of the scanning result of the third-party antivirus engine specifically comprises:
and acquiring the scanning result of the third-party antivirus engine through a miler network protocol.
3. The data collection security detection method of claim 1, wherein the scan result comprises a risk type, an object name, and a string type.
4. The data acquisition security detection method of claim 1, wherein isolating the acquisition object specifically is:
and isolating the acquisition objects with the viruses in the third-party antivirus engine, and isolating the acquisition objects with the viruses in the data acquisition system.
5. The data acquisition security detection method according to claim 1, wherein terminating the acquisition operation specifically comprises:
terminating the collection operation of the data collection system.
6. The data collection security detection method of claim 1, further comprising recording a virus message in a collection log of the data collection system when the scan result is the presence of a virus.
7. A data collection security detection device, comprising a processor and a memory, wherein the memory stores a computer program, and the computer program is executed by the processor to implement the data collection security detection method according to any one of claims 1 to 6.
8. A computer storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, implements the data collection security detection method of any one of claims 1-6.
CN201910840257.0A 2019-09-06 2019-09-06 Data acquisition safety detection method and device Pending CN110610087A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910840257.0A CN110610087A (en) 2019-09-06 2019-09-06 Data acquisition safety detection method and device

Publications (1)

Publication Number Publication Date
CN110610087A true CN110610087A (en) 2019-12-24

Family

ID=68892483

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910840257.0A Pending CN110610087A (en) 2019-09-06 2019-09-06 Data acquisition safety detection method and device

Country Status (1)

Country Link
CN (1) CN110610087A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191224