WO2013111949A1 - Serveur de synchronisation de liste blanche et appareil client - Google Patents

Serveur de synchronisation de liste blanche et appareil client Download PDF

Info

Publication number
WO2013111949A1
WO2013111949A1 PCT/KR2012/011613 KR2012011613W WO2013111949A1 WO 2013111949 A1 WO2013111949 A1 WO 2013111949A1 KR 2012011613 W KR2012011613 W KR 2012011613W WO 2013111949 A1 WO2013111949 A1 WO 2013111949A1
Authority
WO
WIPO (PCT)
Prior art keywords
whitelist
white list
information
section
specific
Prior art date
Application number
PCT/KR2012/011613
Other languages
English (en)
Korean (ko)
Inventor
황규범
Original Assignee
주식회사 안랩
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 안랩 filed Critical 주식회사 안랩
Publication of WO2013111949A1 publication Critical patent/WO2013111949A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • AHUMAN NECESSITIES
    • A41WEARING APPAREL
    • A41DOUTERWEAR; PROTECTIVE GARMENTS; ACCESSORIES
    • A41D19/00Gloves
    • A41D19/015Protective gloves
    • A41D19/01547Protective gloves with grip improving means
    • AHUMAN NECESSITIES
    • A41WEARING APPAREL
    • A41DOUTERWEAR; PROTECTIVE GARMENTS; ACCESSORIES
    • A41D2400/00Functions or special features of garments
    • A41D2400/80Friction or grip reinforcement
    • AHUMAN NECESSITIES
    • A41WEARING APPAREL
    • A41DOUTERWEAR; PROTECTIVE GARMENTS; ACCESSORIES
    • A41D2500/00Materials for garments
    • A41D2500/50Synthetic resins or rubbers
    • A41D2500/54Synthetic resins or rubbers in coated form
    • AHUMAN NECESSITIES
    • A41WEARING APPAREL
    • A41DOUTERWEAR; PROTECTIVE GARMENTS; ACCESSORIES
    • A41D2600/00Uses of garments specially adapted for specific purposes
    • A41D2600/20Uses of garments specially adapted for specific purposes for working activities

Definitions

  • the server divides the white list file by section and provides section-specific information to the client to collect only necessary information of the section for the white list file held by the client.
  • the whitelist By using / to update the whitelist, it relates to techniques that can enable reliable and effective whitelist update and synchronization between the server and the client.
  • the cloud antivirus service using cloud computing technology prevents rescanning when a file scanned is classified into a white list file.
  • Cloud-based whitelists are vastly larger than hundreds of millions and differ in file organization of tens of millions of participants, creating a uniform whitelist like the past, unilaterally transferring them to clients, or PCs, or helping with servers. It is not suitable to operate in the form of creating a whitelist with only the client's information.
  • a server in applying a white list in a cloud vaccine service, divides a white list file by sections and provides section-specific information to a client to collect only necessary information of sections on a white list file held by the client.
  • a server By using / to update the whitelist, it enables reliable and effective whitelist update and synchronization between server and client.
  • the whitelist synchronization server for achieving the above object corresponds to a whitelist including at least one whitelist file determined to be in a normal state through a specific inspection, wherein the at least one whitelist is A configuration information generation unit for classifying a white list section based on a file unique number assigned to each file and generating white list configuration information including at least one of file number information and verification information for each white list section; And providing the whitelist configuration information to a specific client device, and comparing the client whitelist configuration information of the whitelist section corresponding to the whitelist held in the specific client device with the provided whitelist configuration information. It includes a synchronization control unit for determining whether to change the retained white list.
  • a client device including: a white list information storage unit configured to store specific white list and client white list configuration information of a white list section corresponding to the specific white list; A check performing unit excluding a white list file included in the specific white list from the specific inspection target when performing a specific inspection on a plurality of previously held files; And whitelist configuration information including at least one of file number information for each whitelist section and verification information divided based on a file unique number from the whitelist synchronization server, when the client whitelist configuration information and the received whitelist are received. It includes a synchronization unit for determining whether to change the pre-stored specific white list by comparing the configuration information.
  • the synchronization control method of the white list synchronization server for achieving the above object, in response to the white list including at least one white list file determined to be in a normal state through a specific check,
  • the whitelist section is divided based on the file unique number assigned to each of the whitelist files, and the whitelist configuration information including at least one of file number information and verification information for each whitelist section is configured.
  • a synchronization control step for determining whether to change the retained white list.
  • a method of operating a client device including: a white list information storing step of storing client white list configuration information of a specific white list and a white list section corresponding to the specific white list; Performing a specific check on a plurality of pre-stored files, performing a check of excluding a whitelist file included in the specific whitelist from the specific check target; And whitelist configuration information including at least one of file number information for each whitelist section and verification information divided based on a file unique number from the whitelist synchronization server, when the client whitelist configuration information and the received whitelist are received. And a synchronization step of determining whether the specific white list has been changed by comparing configuration information.
  • a server in applying a white list in a cloud vaccine service, divides a white list file by sections and provides section-specific information to a client to collect only necessary information of sections on a white list file held by the client.
  • updating the whitelist using / it is possible to enable reliable and effective whitelist updating and synchronization between the server and the client.
  • FIG. 1 is a block diagram showing a white list synchronization system according to a preferred embodiment of the present invention.
  • FIG. 2 is a block diagram showing the configuration of a white list synchronization server according to a preferred embodiment of the present invention.
  • FIG. 3 is a block diagram showing a configuration of a client device according to a preferred embodiment of the present invention.
  • FIG. 4 is a flowchart illustrating a whitelist synchronization procedure according to a preferred embodiment of the present invention.
  • FIG. 5 is a flowchart illustrating a flow of a method for controlling synchronization of a white list synchronization server according to an exemplary embodiment of the present invention.
  • FIG. 6 is a flowchart illustrating a flow of a method of operating a client device according to a preferred embodiment of the present invention.
  • FIG. 7 is an exemplary view showing an example of whitelist configuration information according to a preferred embodiment of the present invention.
  • FIG. 8 is an exemplary view showing an example of detailed information for each lower whitelist section provided according to a preferred embodiment of the present invention.
  • FIG. 1 is a diagram illustrating a whitelist synchronization system according to a preferred embodiment of the present invention.
  • the white list synchronization system may include a client device 100, a white list synchronization server 200, and a file server 300.
  • the white list synchronization server 200 is a server for performing synchronization with each client device 100 for a white list including at least one white list file determined to be in a normal state through a specific inspection.
  • the file server 300 is a server that stores / manages files that are subject to the above-mentioned specific inspection, and stores / manages files provided from other systems, including files provided from each client device 100. can do.
  • the file server 300 may store / manage files by dividing into a malware file, a normal file, an unknown file, or the like.
  • the white list synchronization server 200 uniquely allocates files corresponding to each of the at least one white list file in response to a white list including at least one white list file determined to be in a normal state through the above-described specific inspection.
  • the whitelist section is classified based on the number, and the whitelist configuration information including at least one of the file number information for each divided whitelist section and verification information for verifying all file unique numbers included in the whitelist section is generated. do.
  • the white list synchronization server 200 may directly perform the above-described specific inspection to generate a white list including at least one white list file determined to be normal.
  • the white list synchronization server 200 may generate a white list by obtaining information on a white list file according to a specific inspection performed by another server (not shown), or may generate a white list by another server (not shown). It is also possible to acquire the whitelist generated by performing the inspection.
  • the white list synchronization server 200 may classify the white list section based on the file unique number assigned to each of the at least one white list file in response to the white list.
  • a file sequence number is preferably assigned to each of at least one whitelist file belonging to the whitelist.
  • the subject assigning the file unique number is the file server 300 and is referred to as the file unique number by the white list synchronization server 200, the file server 300, and another server (not shown).
  • the white list synchronization server 200 generates a white list section (eg, 1 million file unique number units) based on a file unique number assigned to each of the at least one white list file in response to the white list. Can be distinguished.
  • a white list section eg, 1 million file unique number units
  • the white list synchronization server 200 may generate, for each divided white list section, white list configuration information including at least one of file number information of a white list file belonging to a corresponding section and verification information for the corresponding section.
  • the verification information of the white list section may include information generated using file unique numbers of the white list file belonging to the white list section, that is, the verification value.
  • the client device 100 may acquire and store / manage a white list including a file held in the client device 100 as a white list file.
  • the whitelist synchronization server 200 includes a file held in the client device 100 as a whitelist file through interworking with at least one of the client device 100 and the file server 300.
  • the whitelist may be provided to the client device 100.
  • the client device 100 may obtain and store / manage the whitelist configuration information of the whitelist section corresponding to the retained whitelist.
  • the whitelist synchronization server 200 may provide the client device 100 with whitelist configuration information of a whitelist section corresponding to the whitelist held in the client device 100.
  • the client device 100 retains the white list generated through the cloud-based specific inspection, and further stores the white list configuration information of the white list section corresponding to the white list owned as the client white list configuration information. Can be managed
  • the client device 100 performs the specific check as described above with respect to a plurality of files previously stored therein, and excludes the whitelist file included in the stored whitelist from the specific check target. something to do.
  • the white list synchronization server 200 provides the white list configuration information to a specific client device 100.
  • the white list configuration information including at least one of file number information and verification information of the white list file for each white list section generated as described above may be provided to the client device 100.
  • the client device 100 determines whether the pre-stored specific white list is changed by comparing the client white list configuration information with the received white list configuration information.
  • the client device 100 may include a whitelist section corresponding to the client whitelist configuration information previously held in the client device 100 based on the verification information for each whitelist section included in the received whitelist configuration information (eg, 400000000 to 429999999). ).
  • the client apparatus 100 may further include file number information and verification information corresponding to the identified white list section (eg, 400000000 to 429999999) of the received white list configuration information, and file number information of the client white list configuration information. And by comparing the verification information to determine whether the same is the same, it is possible to determine whether the specific whitelist is changed.
  • file number information and verification information corresponding to the identified white list section (eg, 400000000 to 429999999) of the received white list configuration information, and file number information of the client white list configuration information.
  • the client device 100 for each lower white list section in the checked white list section (eg, 400000000 to 429999999) Details may be requested to the whitelist synchronization server 200.
  • the white list synchronization server 200 may provide the client device 100 with detailed information for each lower white list section in a specific white list section (eg, 400000000 to 429999999).
  • the whitelist section is subdivided or multi-leveled.
  • the whitelist section may be narrowed and it may be determined whether to change the specific whitelist based on the narrowed whitelist section.
  • the client device 100 based on the detailed information for each lower whitelist section of the confirmed whitelist section (for example 400000000 ⁇ 429999999) or the confirmed whitelist section (for example 400000000 ⁇ 429999999) of the whitelist configuration information, If it is determined that there is a change in the white list because the number of files or the verification information is not the same, the client device 100 may change the list of change information of the white list section corresponding to the previously held white list to the white list synchronization server 200. ) Can be requested.
  • the white list synchronization server 200 may include file unique numbers or file unique number sections and change status information of at least one white list file corresponding to the change information when the change information on the white list is generated.
  • the generated / managed change information list will be provided to the client device 100.
  • the client device 100 may update the internally stored whitelist using the received change information list, or set the whitelist section in which the change occurs as a retest target, and then update the client whitelist configuration information in the above-described specific inspection. Do it.
  • the whitelist synchronization server 200 corresponds to a whitelist including at least one whitelist file determined to be in a normal state through a specific check, and allocates the corresponding list to each of the at least one whitelist file.
  • a configuration information generation unit 220 for classifying a white list section based on the file unique number, and generating white list configuration information including at least one of file number information and verification information for each divided white list section, and a specific client device; Providing the white list configuration information to the (100), by comparing the client white list configuration information of the white list section corresponding to the white list previously held in a specific client device 100 and the provided white list configuration information To determine whether any changes have been made to existing whitelists; And a fisherman agent 240.
  • the white list synchronization server 200 may further include a change information list generation unit 230.
  • the configuration information generation unit 220 corresponds to a white list including at least one white list file determined to be in a normal state through a specific inspection, and assigns a file unique number assigned to each of the at least one white list file. Based on the whitelist section, and generates whitelist configuration information including at least one of the file number information and verification information for each divided whitelist section.
  • the above-described specific test may include a test for diagnosing malware infection on a file to be scanned.
  • the whitelist synchronization server 200 directly generates a whitelist including at least one whitelist file determined to be in a normal state, that is, a safe file state not infected by malicious code, or other server (not shown).
  • the white list generated in the above) can be obtained.
  • the configuration information generation unit 220 may classify the white list section based on the assigned file unique number corresponding to each of the at least one white list file included in the white list.
  • a file sequence number is preferably assigned to each of at least one whitelist file belonging to the whitelist.
  • the subject assigning the file unique number is the file server 300 and is referred to as the file unique number by the white list synchronization server 200, the file server 300, and another server (not shown).
  • the configuration information generation unit 220 generates a white list section (eg, 1 million file unique number units) based on a file unique number assigned to each of the at least one white list file in response to the white list. Can be distinguished.
  • a white list section eg, 1 million file unique number units
  • the configuration information generation unit 220 may generate, for each of the divided white list sections, white list configuration information including at least one of file number information of a white list file belonging to a corresponding section and verification information for the corresponding section. have.
  • the total number of white list files of the white list configuration information may include at least one of file number information for each whitelist section including at least one of the number of malicious files, verification information of the whitelist for each whitelist section, and detailed information for each lower whitelist section in the whitelist section.
  • the verification information of the white list section may include information generated using file unique numbers of the white list file belonging to the white list section, that is, the verification value.
  • the trust file, the general file, and the malicious file are classified by subdividing the white list file, and the white list file having a clear source and author is a trust file, and the white list file having no malicious function in its function and role is general.
  • a white list file which has not been diagnosed as malicious code for a certain time can be classified as a malicious file.
  • the white list configuration information generated by the configuration information generation unit 220 may be as shown in FIG. 7.
  • the white list configuration information includes the total number of white list files (TOTAL W-LIST) of the white list configuration information, the creation date (DATE) of the white list configuration information, and the validity period (VALIDATE TERM). , File count information for each whitelist section, and verification information for each whitelist section, including at least one of the number of trusted files per whitelist section (referred to as normal files in FIG. 7), the number of general files, and the number of malicious files. And detailed information (not shown) for each lower whitelist section in the whitelist section.
  • the white list configuration information as shown in FIG. 7 may be referred to as the highest white list configuration information.
  • the change information list generation unit 230 When the change information for the white list is generated, the change information list generation unit 230 includes file unique numbers or file unique number sections and change state information of at least one white list file corresponding to the change information. Create a change information list.
  • the change information list generation unit 230 generates at least one of the change information corresponding to the generated change information when the change information on the white list generated by the white list synchronization server 200 or obtained by another server (not shown) occurs.
  • File sequence numbers or file sequence number and change status information for one or more whitelist files for example, adding a new whitelist file, deleting an existing whitelist file, changing an existing whitelist file to a malicious file, etc.
  • the change information list including the change status information may be generated.
  • verification information (validation value) that can be given to each whitelist section or to each of at least one whitelist file included in the whitelist is not duplicated due to its characteristics.
  • the change information list generation unit 230 generates and manages a change information list of at least one white list file corresponding to the changed information, and thus, regarding the changed white list file included in the change information list.
  • the verification information (validation value) given for each whitelist section or the verification information (validation value) given to each of at least one whitelist file included in the whitelist is not duplicated. It is desirable to avoid.
  • the change information list generation unit 230 provides the verification information (verification value) given to the changed whitelist file included in the above-described change information list so as not to overlap with the verification information (verification value) already given and used. )
  • the tracking period which indicates how long to maintain the change information list, and reflects verification information (verification value) for the corresponding changed whitelist file in the white list after the tracking period has elapsed. It will be possible.
  • the synchronization controller 240 provides the whitelist configuration information to the specific client device 100, and provides the client whitelist configuration information of the whitelist section corresponding to the whitelist previously held in the specific client device 100 and the provision. By comparing the whitelist configuration information, it is determined whether or not the existing whitelist is changed.
  • the synchronization controller 240 may newly update the whitelist configuration information, or when a specific cycle time arrives, or when a preset specific providing event occurs, such as when manual selection by an operator occurs.
  • the client apparatus 100 may provide whitelist configuration information including at least one of file number information and verification information of the whitelist file for each whitelist section generated as described above, that is, the highest whitelist configuration information as illustrated in FIG. 7. .
  • the client device 100 determines whether the previously stored specific white list is changed by comparing the previously stored client white list configuration information with the white list configuration information provided by the white list synchronization server 200 as described above. Will judge.
  • the synchronization controller 240 may compare the client white list configuration information with the provided white list configuration information from the client apparatus 100. Accordingly, when the detailed information of the specific whitelist section is requested, the client device 100 provides detailed information for each lower whitelist section in the specific whitelist section.
  • the synchronization controller 240 requests a lower white list section in the requested white list section (for example, 400000000 to 429999999). Star information may be provided to the client device 100.
  • the detailed information for each lower whitelist section recognizes a specific whitelist section (for example, 400000000 ⁇ 429999999) corresponding to the upper part as a whole, and thus the total number of whitelist files (TOTAL W-LIST), creation date (DATE), Number of files per lower whitelist section including at least one of validity period (VALIDATE TERM), number of trusted files per lower whitelist section, number of general files and number of malicious files, and verification information for lower whitelist section (verification value) And detailed information (not shown) for each lower whitelist section in the lower whitelist section.
  • the synchronization controller 240 may request a white list section (eg, 400000000 ⁇ ) requested by the client device 100 in response to a detailed request of a specific whitelist section (eg, 400000000 to 429999999). 429999999) provides detailed information for each lower whitelist section, and again requests detailed information of a specific lower whitelist section (for example, 418000000 ⁇ 429999999) among the lower whitelist sections (for example, 418000000 ⁇ 429999999) The process of providing detailed information for each lower whitelist section may be repeated.
  • a white list section eg, 400000000 ⁇
  • a specific whitelist section eg, 400000000 to 429999999.
  • the whitelist section is subdivided or multi-leveled.
  • the whitelist section may be narrowed and it may be determined whether to change the specific whitelist based on the narrowed whitelist section.
  • the client device 100 based on the detailed information for each lower whitelist section of the confirmed whitelist section (for example 400000000 ⁇ 429999999) or the confirmed whitelist section (for example 400000000 ⁇ 429999999) of the whitelist configuration information, If it is determined that there is a change to the white list because the file number information or the verification information is not the same, the client apparatus 100 sets the corresponding white list section in the previously-listed white list as a re-inspection target and then checks the specific inspection described above. May be reexamined without being excluded from the inspection target, or the whitelist synchronization server 200 may request a change list of the corresponding whitelist section.
  • the whitelist synchronization server 200 may request a change list of the corresponding whitelist section.
  • the white list synchronization server 200 may include file unique numbers or file unique number sections and change status information of at least one white list file corresponding to the change information when the change information on the white list is generated.
  • the generated / managed change information list will be provided to the client device 100.
  • the synchronization controller 240 changes the change information.
  • the client device 100 includes the change information list generated by the list generation unit 230 or the partial change information list included in the specific white list section changed on the change information list last provided to the specific client device from the change information list. To provide.
  • the synchronization controller 240 may specify a specific whitelist section, for example, a specific whitelist section (for example, 400000000 to 429999999), or a lower whitelist section (for example, 418000000) from the client device 100.
  • a specific whitelist section for example, 400000000 to 429999999
  • a lower whitelist section for example, 418000000
  • the client device 100 includes a white list information storage unit 110 that stores client white list configuration information of a specific white list and a white list section corresponding to the specific white list, and a plurality of files previously stored.
  • a white list information storage unit 110 that stores client white list configuration information of a specific white list and a white list section corresponding to the specific white list, and a plurality of files previously stored.
  • the white list information storage unit 110 stores client white list configuration information of a specific white list and a white list section corresponding to the specific white list.
  • the white list information storage unit 110 may acquire and store / manage a specific white list including a file held in the client device 100 as a white list file.
  • the whitelist synchronization server 200 includes a file held in the client device 100 as a whitelist file through interworking with at least one of the client device 100 and the file server 300. The whitelist may be provided to the client device 100.
  • the white list information storage unit 110 may obtain the white list configuration information of the white list section corresponding to the retained white list and store / manage it as client white list configuration information.
  • the whitelist synchronization server 200 may provide the client device 100 with whitelist configuration information of a whitelist section corresponding to the whitelist held in the client device 100.
  • the inspection performing unit 120 excludes the whitelist file included in the specific whitelist from the specific inspection target when performing a specific inspection on a plurality of previously held files.
  • the above-described specific test may include a test for diagnosing whether or not a file is a malicious code infection.
  • the inspection performing unit 120 may include a client vaccine that performs a test for diagnosing whether or not a malicious code is infected with respect to a plurality of files previously stored.
  • the inspection performing unit 120 performs a specific inspection as described above on a plurality of files previously stored therein, and excludes the whitelist file included in the stored whitelist from the specific inspection target. something to do.
  • the synchronization unit 130 receives the white list configuration information including at least one of file number information and verification information for each white list section divided based on the file unique number from the white list synchronization server 200. By comparing the list configuration information and the received white list configuration information, it is determined whether the pre-stored specific white list is changed.
  • the synchronization unit 130 may receive the white list configuration information, for example, the highest white list configuration information, as shown in FIG. 7 from the white list synchronization server 200.
  • the synchronization unit 130 determines whether to change the previously stored specific white list by comparing the client white list configuration information stored in the white list information storage unit 110 and the received white list configuration information.
  • the synchronizer 130 checks the whitelist section corresponding to the client whitelist configuration information based on the verification information for each whitelist section included in the received whitelist configuration information, and the File number information and verification of the number of files including at least one of the number of trusted files, the number of general files, and the number of un malicious files corresponding to the checked whitelist section of the received whitelist configuration information, and the number of files of the client whitelist configuration information, and verification. By comparing the information and determining the same, it is possible to determine whether or not to change the specific white list.
  • the synchronization unit 130 may include a white list corresponding to the client white list configuration information previously held in the white list information storage unit 110 based on the verification information for each white list section included in the received white list configuration information. Check the interval (ex: 400000000 ⁇ 429999999).
  • the synchronization unit 130 the number of file information corresponding to the identified white list section (e.g. 400000000 ⁇ 429999999) of the received white list configuration information, that is, the number of trusted files, the number of general files and the number of un malicious files, respectively.
  • the number of files of the client whitelist configuration information previously held in the whitelist information storage unit 110 that is, the number of trusted files, the number of normal files, and the number of un malicious files, respectively, the same is determined. It is possible to determine whether or not the list has been changed.
  • the synchronization unit 130 when it is determined that the specific white list is changed as a result of the comparison of the client white list configuration information and the received white list configuration information, the synchronization unit 130 includes a lower white in the white list section corresponding to the specific white list.
  • the detailed information per list section may be requested to the white list synchronization server 200, and a change area for the specific white list previously stored may be checked based on the received detailed information for each lower white list section.
  • the whitelist synchronization server 200 may request detailed information for each lower whitelist section in the whitelist section corresponding to the whitelist.
  • the synchronization unit 130 includes a lower white list in the checked white list section (eg, 400000000 to 429999999). Details of each section may be requested to the white list synchronization server 200.
  • the synchronization unit 130 receives detailed information of each lower whitelist section in the requested specific whitelist section (eg, 400000000 to 429999999) from the whitelist synchronization server 200, and Based on the comparison of the client whitelist configuration information, it is possible to determine whether to change the whitelist, and when the change is determined again, for each lower whitelist section within a specific lower whitelist section (for example, 418000000 to 429999999) among the lower whitelist sections. The process of requesting details can be repeated.
  • a specific lower whitelist section for example, 418000000 to 429999999
  • the synchronization unit 130 may check a change region for the specific white list previously stored based on the received detailed information for each lower white list section.
  • the synchronization unit 130 repeats the process of requesting / compareing detailed information for each lower whitelist section (for example, three times), and then changes the file list number range of the lower whitelist section determined as the whitelist change. Can be checked on the whitelist.
  • the synchronization unit 130 may check (eg, DIRTY) a change area determined as a white list change, that is, a storage area storing a file unique number range.
  • the synchronization unit 130 changes information of the white list section corresponding to the specific white list.
  • the list may be requested to the white list synchronization server 200, and a change area for the specific white list may be checked based on the received change information list.
  • the synchronization unit 130 retains white.
  • the change list of the white list section corresponding to the list (for example, 400000000 to 429999999) may be requested to the white list synchronization server 200.
  • the synchronization unit 130 repeats the process of requesting / compareing detailed information for each lower whitelist section as described above (for example, three times), and then changes the region determined as a whitelist change, that is, the lower whitelist section (for example, The change information list of 418000000 to 429999999 may be requested to the whitelist synchronization server 200.
  • the synchronization unit 130 may receive, from the white list synchronization server 200, a partial change information list extracted and generated based on the entire change information list or the file unique number included in the requested white list section.
  • the synchronization unit 130 may check a change area for the specific white list previously stored based on the received change information list.
  • the synchronization unit 130 may include file unique numbers or file unique number sections included in the change information list and corresponding change state information (for example, adding a new white list file, deleting an existing white list file, and malicious existing white list file).
  • a white list file corresponding to the file unique number included in the change area determined by the white list change, that is, the par change information list can be checked.
  • the synchronization unit 130 may check (eg, DIRTY) a change area determined as a white list change, that is, a storage area storing a file unique number.
  • the synchronization unit 130 may update the internally stored white list.
  • the synchronization unit 130 obtains state information on at least one file corresponding to the changed area checked in the white list stored internally from the white list synchronization server 200 and according to the obtained state information. It is desirable to update on the whitelist.
  • the synchronization unit 130 performs the above-mentioned white list on the basis of each file unique number of a plurality of files to be inspected.
  • a file with a file unique number that exists without checking the change area can be recognized as a normal whitelist file and can only be checked for simple file changes or can be skipped and excluded from the check.
  • the inspection performing unit 120 starts to perform the above-described specific inspection
  • the synchronization unit 130 based on the file unique number for each of the plurality of files to be inspected
  • the above-described change list in the above-described white list Since the file with the file unique number with the check may not be a white list file, state information of the corresponding file is obtained from the white list synchronization server 200 and added, deleted, or deleted from the specific white list according to the obtained state information. It is preferable to update by performing a change or the like.
  • the synchronization unit 130 re-examines the determined whitelist section from the specific whitelist. Can be set as target.
  • the determined whitelist section (eg 400000000 ⁇ 429999999) can be set as a retest target in the previously saved whitelist.
  • the synchronization unit 130 repeats the process of requesting / compareing detailed information for each lower whitelist section as described above (for example, three times), and then changes the region determined as a whitelist change, that is, the lower whitelist section (for example, : 418000000 ⁇ 429999999) can be set as a retest target in the previously saved white list.
  • the file of the whitelist section set as the re-inspection target in the synchronization unit 130 loses its meaning as a whitelist file and becomes the inspection target.
  • the inspection will be performed by the inspection performing unit 120, and the synchronization unit 130 updates the white list by performing status information acquisition and / or re-search based on the file unique number of the corresponding file during the inspection process.
  • the client whitelist configuration information can be rewritten (updated).
  • the whitelist held in the client device 100 is updated / synchronized to be the same as the corresponding whitelist of the whitelist synchronization server 200, and thus the whitelist of the client device 100 is the whitelist synchronization server 200.
  • the client device 100 may update or change or receive / update the whitelist configuration information to correspond to the updated whitelist.
  • the white list synchronization server divides the white list section based on the file unique number for all the white list files and verifies each section. And generate whitelist configuration information according to the information, and the client device checks only the information of the whitelist section corresponding to the whitelist configuration information of the whitelist held in the client device based on the whitelist configuration information.
  • the whitelist is updated by collecting / using only the necessary information of the section of the retained whitelist file on the client device, thereby providing a reliable and effective connection between the server and the client. List may enable updating and synchronization.
  • the white list synchronization server 200 uniquely allocates files corresponding to each of the at least one white list file in response to a white list including at least one white list file determined to be in a normal state through the above-described specific inspection.
  • the whitelist section is divided based on the number, and whitelist configuration information including at least one of the file number information and the verification information for each divided whitelist section is generated.
  • the white list synchronization server 200 may directly perform the above-described specific inspection to generate a white list including at least one white list file determined to be normal.
  • the white list synchronization server 200 may generate a white list by obtaining information on a white list file according to a specific inspection performed by another server (not shown), or may generate a white list by another server (not shown). It is also possible to acquire the whitelist generated by performing the inspection.
  • the white list synchronization server 200 may classify the white list section based on the file unique number assigned to each of the at least one white list file in response to the white list (S10).
  • a file sequence number is preferably assigned to each of at least one whitelist file belonging to the whitelist.
  • the subject assigning the file unique number is the file server 300 and is referred to as the file unique number by the white list synchronization server 200, the file server 300, and another server (not shown).
  • the white list synchronization server 200 generates a white list section (eg, 1 million file unique number units) based on a file unique number assigned to each of the at least one white list file in response to the white list. Can be distinguished.
  • a white list section eg, 1 million file unique number units
  • the white list synchronization server 200 may generate, for each divided white list section, white list configuration information including at least one of file number information of a white list file belonging to a corresponding section and verification information for the corresponding section. There is (S20).
  • the client device 100 may acquire and store / manage a white list including a file held in the client device 100 as a white list file.
  • the whitelist synchronization server 200 includes a file held in the client device 100 as a whitelist file through interworking with at least one of the client device 100 and the file server 300.
  • the whitelist may be provided to the client device 100.
  • the client device 100 may obtain and store / manage the whitelist configuration information of the whitelist section corresponding to the retained whitelist.
  • the white list synchronization server 200 may provide the client device 100 with whitelist configuration information of a whitelist section corresponding to the whitelist held in the client device 100 (S30).
  • the client device 100 retains the white list generated through the cloud-based specific inspection, and further stores the white list configuration information of the white list section corresponding to the white list owned as the client white list configuration information. Can be managed (S40).
  • the client device 100 performs the specific check as described above with respect to a plurality of files previously stored therein, and excludes the whitelist file included in the stored whitelist from the specific check target. Will be (S50).
  • the white list synchronization server 200 provides the white list configuration information to a specific client device 100 (S60).
  • the white list configuration information including at least one of file number information and verification information of the white list file for each white list section generated as described above may be provided to the client device 100.
  • the client device 100 determines whether the pre-stored specific white list is changed by comparing the client white list configuration information with the received white list configuration information.
  • the client device 100 may include a whitelist section corresponding to the client whitelist configuration information previously held in the client device 100 based on the verification information for each whitelist section included in the received whitelist configuration information (eg, 400000000 to 429999999). ).
  • the client apparatus 100 may further include file number information and verification information corresponding to the identified white list section (eg, 400000000 to 429999999) of the received white list configuration information, and file number information of the client white list configuration information. And by comparing the verification information to determine whether the same (S70), it is possible to determine whether or not to change the specific white list already held (S80).
  • file number information and verification information corresponding to the identified white list section eg, 400000000 to 429999999
  • the client device 100 for each lower white list section in the checked white list section (eg, 400000000 to 429999999)
  • the detailed information may be requested to the white list synchronization server 200 (S90).
  • the white list synchronization server 200 may provide the client device 100 with detailed information for each lower white list section in a specific white list section (eg, 400000000 to 429999999).
  • the whitelist section is subdivided or multi-leveled.
  • the whitelist section may be narrowed and it may be determined whether to change the specific whitelist based on the narrowed whitelist section.
  • the client device 100 based on the detailed information for each lower whitelist section of the confirmed whitelist section (for example 400000000 ⁇ 429999999) or the confirmed whitelist section (for example 400000000 ⁇ 429999999) of the whitelist configuration information, If it is determined that there is a change to the white list because the file number information and the verification information are not the same, the client device 100 may change the list of change information of the white list section corresponding to the previously held white list to the white list synchronization server 200. ) Can be requested (S90).
  • the white list synchronization server 200 may include file unique numbers or file unique number sections and change status information of at least one white list file corresponding to the change information when the change information on the white list is generated.
  • the generated / managed change information list will be provided to the client device 100.
  • the client device 100 may update the internally stored white list by using the received change information list (S100).
  • the synchronization control method of the white list synchronization server according to the present invention is assigned to correspond to each of the at least one white list file in response to a white list including at least one white list file determined to be in a normal state through a specific inspection.
  • the whitelist section is classified based on a file unique number, and whitelist configuration information including at least one of file number information and verification information for each divided whitelist section is generated.
  • the above-described specific test may include a test for diagnosing malware infection on a file to be scanned.
  • the method for controlling synchronization of the whitelist synchronization server directly generates or generates a whitelist including at least one whitelist file determined to be in a normal state, that is, not infected with malicious code through such a check.
  • a white list generated by a server may be obtained (S110).
  • the white list section may be divided based on the assigned file unique number corresponding to each of the at least one white list file included in the white list (S120). ).
  • a file sequence number is preferably assigned to each of at least one whitelist file belonging to the whitelist.
  • the subject assigning the file unique number is the file server 300 and is referred to as the file unique number by the white list synchronization server 200, the file server 300, and another server (not shown).
  • the synchronization control method of the white list synchronization server includes a white list section (eg, 1 million files) based on a file unique number assigned to each of the at least one white list file in response to the white list. Identification number unit).
  • the synchronization control method of the white list synchronization server includes, for each divided white list section, a white list including at least one of file number information of the white list file belonging to the section and verification information for the section. Information may be generated (S130).
  • the total number of white list files of the white list configuration information may include at least one of file number information for each whitelist section including at least one of the number of malicious files, verification information for each whitelist section, and detailed information for each lower whitelist section in the whitelist section.
  • the white list configuration information generated in the synchronization control method of the white list synchronization server according to the present invention may be as shown in FIG. 7.
  • the white list configuration information as shown in FIG. 7 may be referred to as the highest white list configuration information.
  • the white list configuration information of the white list section corresponding to the white list held in the client device 100 may be provided to the client device 100 (S140). ).
  • the changed information when the change information on the white list generated by the white list synchronization server 200 or acquired by another server (not shown) occurs, the changed information generated.
  • the change information list including the change status information about the change etc. may be generated as a file.
  • the synchronization control method of the white list synchronization server provides the white list configuration information to a specific client device 100 (S170), and corresponds to the white list previously held in the specific client device 100. By comparing the client whitelist configuration information of the whitelist section with the provided whitelist configuration information, it is determined whether to change the previously stored whitelist.
  • the synchronization control method of the white list synchronization server may be applied to a method such as when the white list configuration information is newly updated, when a specific cycle time arrives, or when manual selection is made by an operator.
  • the client device may include whitelist configuration information including at least one of file number information and verification information of the whitelist file for each whitelist section generated as described above, that is, the highest whitelist configuration information as illustrated in FIG. 7. 100).
  • the client device 100 determines whether the previously stored specific white list is changed by comparing the previously stored client white list configuration information with the white list configuration information provided by the white list synchronization server 200 as described above. Will judge.
  • the synchronization control method of the white list synchronization server After providing the highest white list configuration information as shown in FIG. 7 to the client device 100, the synchronization control method of the white list synchronization server according to the present invention includes the client white list configuration information and the provided white data from the client device 100.
  • the detailed information of the specific whitelist section is requested according to the comparison result of the list configuration information (S180)
  • the detailed information for the lower whitelist section in the specific whitelist section is provided to the client device 100 (S185).
  • the synchronization control method of the white list synchronization server when the detailed information of a specific white list section (for example, 400000000 to 429999999) is requested from the client device 100, the requested white list section (for example, 400000000 to Detailed information for each lower whitelist section in 429999999 may be provided to the client device 100.
  • a specific white list section for example, 400000000 to 429999999
  • the requested white list section for example, 400000000 to Detailed information for each lower whitelist section in 429999999 may be provided to the client device 100.
  • the detailed information for each lower whitelist section recognizes a specific whitelist section (for example, 400000000 ⁇ 429999999) corresponding to the upper part as a whole, and thus the total number of whitelist files (TOTAL W-LIST), creation date (DATE), Number of files per lower whitelist section including at least one of validity period (VALIDATE TERM), number of trusted files per lower whitelist section, number of general files and number of malicious files, and verification information for lower whitelist section (verification value) And detailed information (not shown) for each lower whitelist section in the lower whitelist section.
  • the synchronization control method of the white list synchronization server according to the present invention, the white requested by the request of the detailed information of a specific white list period (for example 400000000 ⁇ 429999999) from the client device 100 Provides detailed information for each lower whitelist section within the list section (eg 400000000 ⁇ 429999999), and again requests the details of a specific lower whitelist section (eg 418000000 ⁇ 429999999) among the lower whitelist sections. (Eg 418000000 ⁇ 429999999) You can repeat the process of providing detailed information for each lower whitelist section.
  • a specific white list period for example 400000000 ⁇ 429999999
  • the whitelist section is subdivided or multi-leveled.
  • the whitelist section may be narrowed and it may be determined whether to change the specific whitelist based on the narrowed whitelist section.
  • the client device 100 based on the detailed information for each lower whitelist section of the confirmed whitelist section (for example 400000000 ⁇ 429999999) or the confirmed whitelist section (for example 400000000 ⁇ 429999999) of the whitelist configuration information, If it is determined that there is a change to the white list because the file number information or the verification information is not the same, the client device 100 may change the list of change information of the white list section corresponding to the previously held white list to the white list synchronization server 200. ) Can be requested.
  • the change information list generated / managed as described above will be provided to the client device 100 (S190).
  • the change information of the specific white list section according to a result of comparing the client white list configuration information and the provided white list configuration information from the client device 100.
  • the client device 100 provides the changed information list or the partial change information list included in the specific white list section among the changed information list.
  • the synchronization control method of the white list synchronization server may include a specific white list section, for example, a specific white list section (for example, 400000000 to 429999999), or a lower level, from the client device 100.
  • a change information list of a white list section eg, 418000000 to 429999999
  • the change information list may be provided to the client device 100.
  • the client whitelist configuration information of a whitelist and a whitelist section corresponding to the specific whitelist is stored (S200).
  • the method of operating a client device may acquire and store / manage a specific white list including a file held in the client device 100 as a white list file.
  • the whitelist synchronization server 200 includes a file held in the client device 100 as a whitelist file through interworking with at least one of the client device 100 and the file server 300.
  • the whitelist may be provided to the client device 100.
  • the method of operating a client device may obtain whitelist configuration information of a whitelist section corresponding to a retained whitelist and store / manage it as client whitelist configuration information.
  • the whitelist synchronization server 200 may provide the client device 100 with whitelist configuration information of a whitelist section corresponding to the whitelist held in the client device 100.
  • the whitelist file included in the specific whitelist is excluded from the specific check target (S210).
  • the above-described specific test may include a test for diagnosing whether or not a file is a malicious code infection.
  • a method of operating a client device may include a client vaccine for performing a test for diagnosing whether a malicious code is infected with a plurality of files previously stored.
  • a whitelist file included in the stored whitelist may be used at the specific inspection target. Will do so.
  • the whitelist configuration information including at least one of file number information and verification information for each whitelist section divided based on the file unique number is received from the whitelist synchronization server 200
  • the whitelist configuration information as shown in FIG. 7, for example, the highest whitelist configuration information may be received from the whitelist synchronization server 200.
  • the stored white list configuration information is compared with the received white list configuration information to determine whether or not to change the previously stored specific white list.
  • the method of operating a client device may include selecting a whitelist section corresponding to the client whitelist configuration information based on verification information for each whitelist section included in the received whitelist configuration information.
  • a file number information and a file of the client white list configuration information including the number of trusted files and at least one of a normal file number and a malicious file number corresponding to the checked white list section of the received white list configuration information.
  • the whitelist section corresponding to the previously stored client whitelist configuration information based on the verification information for each whitelist section included in the received whitelist configuration information (for example, 400000000) ⁇ 429999999).
  • the method of operating a client device may include file number information corresponding to the identified whitelist section (eg, 400000000 to 429999999) of the received whitelist configuration information, that is, the number of trusted files, the number of general files, and the malicious Whether the number of files is changed by comparing the number of files in the client whitelist configuration information, that is, the number of trusted files, the number of normal files, and the number of un malicious files, respectively, to determine whether the files are the same. Can be determined.
  • the identified whitelist section eg, 400000000 to 429999999
  • the method corresponds to the specific white list.
  • the whitelist synchronization server 200 may request detailed information for each lower whitelist section in the whitelist section corresponding to a specific whitelist.
  • the whitelist synchronization server 200 may request detailed information of each lower whitelist section within the list.
  • the detailed information for each lower whitelist section in the requested specific whitelist section (eg, 400000000 to 429999999) is received from the whitelist synchronization server 200.
  • the whitelist synchronization server 200 determines whether or not to change the white list by comparing with the client white list configuration information, and when the change is determined, the lower part within a specific lower white list section (eg, 418000000 to 429999999) among the lower white list sections.
  • the process of requesting detailed information for each whitelist section can be repeated.
  • the method of operating the client device may check a change region for the specific white list previously stored based on the received detailed information for each lower whitelist section.
  • the changed region determined as the whitelist change that is, the lower whitelist section
  • the method of operating a client device according to the present invention may check (eg, DIRTY) a change area determined as a white list change, that is, a storage area storing a file unique number range.
  • the whitelist corresponding to the specific whitelist may be requested to the white list synchronization server 200, and the change region for the specific white list may be checked based on the received change information list (S250).
  • the whitelist synchronization server 200 may request a list of change information of a whitelist section (eg, 400000000 to 429999999) corresponding to the whitelist.
  • a change area determined as a whitelist change that is, a lower white.
  • the change information list of the list section (eg, 418000000 to 429999999) may be requested to the white list synchronization server 200.
  • the method of operating a client device may receive, from the white list synchronization server 200, a partial change information list extracted and generated based on the entire change information list or the file unique number included in the requested white list section. can do.
  • the method of operating the client device may check a change area for the specific white list previously stored based on the received change information list.
  • the operation method of the client device includes a file unique number included in the change information list and corresponding change state information (for example, adding a new white list file, deleting an existing white list file, and a malicious white list file as malicious files).
  • the white area of the change area determined as the white list change that is, the file unique number corresponding white list file included in the wave change information list can be checked.
  • the method of operating a client device according to the present invention may check (eg, DIRTY) a change area determined as a white list change, that is, a storage area storing a file unique number.
  • the operating method of the client device according to the present invention may update the internally stored white list (S260).
  • the state information of at least one file corresponding to the changed region checked in the white list stored in the internal device is obtained from the white list synchronization server 200, and the obtained state information is obtained. It is desirable to update in the specific whitelist according to.
  • the operation method of the client device includes the above-described change list in the aforementioned whitelist based on each file unique number of a plurality of files to be inspected.
  • a file with a file unique number that exists without a check can be recognized as a normal whitelist file and can only be checked for simple file changes, or it can be omitted from the check.
  • the operation method of the client device based on each file unique number for the plurality of files to be inspected, the above-described change list check in the above-mentioned white list Since a file having a file unique number may not be a white list file, state information of the corresponding file is obtained from the white list synchronization server 200, and added, deleted, changed, etc. in the specific white list according to the obtained state information. It is preferable to perform the update.
  • the whitelist held in the client device 100 is updated / synchronized to be the same as the corresponding whitelist of the whitelist synchronization server 200, and thus the whitelist of the client device 100 is the whitelist synchronization server 200.
  • the client device 100 may update or change or receive / update the whitelist configuration information to correspond to the updated whitelist.
  • the whitelist synchronization server divides the whitelist section based on the file unique number for all the whitelist files and verifies the sections. And generate whitelist configuration information according to the information, and the client device checks only the information of the whitelist section corresponding to the whitelist configuration information of the whitelist held in the client device based on the whitelist configuration information.
  • the whitelist is updated by collecting / using only necessary information of the section of the retained whitelist file in the client device, thereby providing reliable and effective white between the server and the client. Host may enable updating and synchronization.
  • the security document execution method and the document management method of the terminal device may be implemented in the form of program instructions that can be executed by various computer means and recorded in a computer readable medium.
  • the computer readable medium may include program instructions, data files, data structures, etc. alone or in combination.
  • Program instructions recorded on the media may be those specially designed and constructed for the purposes of the present invention, or they may be of the kind well-known and available to those having skill in the computer software arts. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tape, optical media such as CD-ROMs, DVDs, and magnetic disks, such as floppy disks.
  • Magneto-optical media and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like.
  • program instructions include not only machine code generated by a compiler, but also high-level language code that can be executed by a computer using an interpreter or the like.
  • the hardware device described above may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.

Landscapes

  • Engineering & Computer Science (AREA)
  • Textile Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

La présente invention concerne un serveur de synchronisation de liste blanche, un procédé pour commander la synchronisation du serveur de synchronisation de liste blanche, un appareil client, et un procédé pour faire fonctionner l'appareil client. Les modes de réalisation de la présente invention concernent une technologie permettant une mise à jour et une synchronisation extrêmement fiables et efficaces d'une liste blanche entre le serveur et le client en permettant au serveur de diviser un fichier de liste blanche pour chaque période et de fournir au client des informations pour chaque période, et en permettant à la liste blanche d'être mise à jour par la collecte/l'utilisation de seules les informations nécessaires sur le fichier de liste blanche inclus dans le client dans une période correspondante.
PCT/KR2012/011613 2012-01-27 2012-12-27 Serveur de synchronisation de liste blanche et appareil client WO2013111949A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020120008617A KR101277623B1 (ko) 2012-01-27 2012-01-27 화이트리스트 동기화 서버 및 클라이언트 장치
KR10-2012-0008617 2012-01-27

Publications (1)

Publication Number Publication Date
WO2013111949A1 true WO2013111949A1 (fr) 2013-08-01

Family

ID=48867502

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2012/011613 WO2013111949A1 (fr) 2012-01-27 2012-12-27 Serveur de synchronisation de liste blanche et appareil client

Country Status (2)

Country Link
KR (1) KR101277623B1 (fr)
WO (1) WO2013111949A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112069137A (zh) * 2020-09-02 2020-12-11 北京百度网讯科技有限公司 生成信息的方法、装置、电子设备及计算机可读存储介质

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102053493B1 (ko) 2017-06-12 2020-01-08 박영춘 화이트 리스트의 안전 패치 시스템 및 방법
KR20190100751A (ko) 2018-02-21 2019-08-29 홍윤환 화이트리스트 기반의 단말기 보안 방법 및 시스템
KR102192909B1 (ko) 2020-04-22 2020-12-18 홍윤환 화이트리스트 기반의 단말기 보안 방법 및 시스템
CN114244760B (zh) * 2021-11-24 2023-09-12 中盈优创资讯科技有限公司 一种客户路由白名单动态更新方法及装置

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7640589B1 (en) * 2009-06-19 2009-12-29 Kaspersky Lab, Zao Detection and minimization of false positives in anti-malware processing
KR20100116392A (ko) * 2009-04-22 2010-11-01 주식회사 안철수연구소 악성 코드 재검사 방지 정보의 장시간 운용 방법, 장치 및 그 방법을 실행하는 프로그램이 기록된 컴퓨터로 읽을 수 있는 기록매체
US20110055278A1 (en) * 2009-08-31 2011-03-03 Lenovo (Singapore) Pte. Ltd. Setting Information Database Management
KR20110070012A (ko) * 2009-12-18 2011-06-24 주식회사 안철수연구소 시그니처 데이터베이스 업데이트 시스템 및 방법과 클라이언트 단말기의 데이터베이스 업데이트 장치
KR101092342B1 (ko) * 2009-08-13 2011-12-09 주식회사 안철수연구소 파일 축약 정보 생성, 시그니쳐 생성 및 시그너쳐 패턴 검증 장치 및 방법

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8881276B2 (en) 2007-01-09 2014-11-04 Cisco Technology, Inc. Dynamically generated whitelist for high throughput intrusion prevention system (IPS) functionality
KR101045540B1 (ko) 2009-12-28 2011-07-01 (주)유성글로벌 데이터 동기화 시스템 및 방법

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20100116392A (ko) * 2009-04-22 2010-11-01 주식회사 안철수연구소 악성 코드 재검사 방지 정보의 장시간 운용 방법, 장치 및 그 방법을 실행하는 프로그램이 기록된 컴퓨터로 읽을 수 있는 기록매체
US7640589B1 (en) * 2009-06-19 2009-12-29 Kaspersky Lab, Zao Detection and minimization of false positives in anti-malware processing
KR101092342B1 (ko) * 2009-08-13 2011-12-09 주식회사 안철수연구소 파일 축약 정보 생성, 시그니쳐 생성 및 시그너쳐 패턴 검증 장치 및 방법
US20110055278A1 (en) * 2009-08-31 2011-03-03 Lenovo (Singapore) Pte. Ltd. Setting Information Database Management
KR20110070012A (ko) * 2009-12-18 2011-06-24 주식회사 안철수연구소 시그니처 데이터베이스 업데이트 시스템 및 방법과 클라이언트 단말기의 데이터베이스 업데이트 장치

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112069137A (zh) * 2020-09-02 2020-12-11 北京百度网讯科技有限公司 生成信息的方法、装置、电子设备及计算机可读存储介质
CN112069137B (zh) * 2020-09-02 2024-05-17 阿波罗智联(北京)科技有限公司 生成信息的方法、装置、电子设备及计算机可读存储介质

Also Published As

Publication number Publication date
KR101277623B1 (ko) 2013-06-21

Similar Documents

Publication Publication Date Title
WO2013111949A1 (fr) Serveur de synchronisation de liste blanche et appareil client
WO2023038387A1 (fr) Système de commande d'accès réseau d'application sur la base d'un flux de données, et procédé associé
WO2017047928A1 (fr) Serveur et terminal d'utilisateur
WO2021040334A1 (fr) Procédé et appareil permettant de fournir des données dans un système informatique périphérique
WO2010062063A2 (fr) Procédé et système pour prévenir une utilisation illicite liée à un logiciel de navigation
WO2014040501A1 (fr) Procédé et système pour générer et autoriser un mot de passe dynamique
WO2014007516A1 (fr) Système de service à certificat unique et son procédé de fonctionnement
WO2023033588A1 (fr) Système de commande de flux de données dans un terminal de virtualisation, et procédé associé
WO2023090755A1 (fr) Système de contrôle d'accès au réseau d'instance de virtualisation, et procédé associé
WO2018076812A1 (fr) Procédé et dispositif de réponse à une demande de données, support de stockage, serveur et système
WO2020218870A1 (fr) Appareil électronique et procédé de commande associé
WO2018076829A1 (fr) Serveur, support d'informations, système, appareil et procédé de traitement de données de terminal
WO2020062615A1 (fr) Appareil et procédé de réglage de valeur gamma destiné à un panneau d'affichage, et dispositif d'affichage
WO2016200240A1 (fr) Système de gestion de salle et procédé de réglage de service
WO2014204084A1 (fr) Procédé de service de partage d'application et appareil appliqué à ce dernier
WO2023211122A1 (fr) Système de commande de transmission et de réception de fichier d'une application sur la base d'un mandataire et procédé associé
WO2018236141A1 (fr) Procédé de regroupement de rapports de panne , serveur et programme informatique
WO2022108318A1 (fr) Appareil et procédé d'analyse de vulnérabilités de code de contrat intelligent
WO2017071348A1 (fr) Procédé d'accès au réseau, serveur, terminal et système
WO2019218436A1 (fr) Procédé, appareil et dispositif pour surveiller la conduite d'un véhicule, et support d'informations lisible par ordinateur
WO2020206885A1 (fr) Procédé et appareil de déverrouillage
WO2023163504A1 (fr) Système de commande de transmission et de réception de fichier d'application, et procédé associé
WO2023163506A1 (fr) Système de commande de transmission et de réception de fichier d'application, et procédé associé
WO2023146305A1 (fr) Système de commande de transmission et de réception de fichier d'application, et procédé associé
WO2013100648A1 (fr) Dispositif de sauvegarde et serveur de sauvegarde d'informations cibles

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12866738

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12866738

Country of ref document: EP

Kind code of ref document: A1