CN101662467B - Scanning method and device thereof - Google Patents

Info

Publication number: CN101662467B
Authority: CN (China)
Prior art keywords: scanned, current, message, feature code, content
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Expired - Fee Related
Application number: CN2009100936824A
Other languages: Chinese (zh)
Other versions: CN101662467A (en)
Inventor: 卞建光
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.): Huawei Digital Technologies Chengdu Co Ltd
Original Assignee: Huawei Symantec Technologies Co Ltd

Landscapes

  • Information Transfer Between Computers (AREA)

Abstract

The invention provides a scanning method and device. The method comprises: segmenting the content to be scanned according to the length of the longest feature code among the network threat feature codes and the number of currently idle threads, such that two adjacent segments overlap by a number of bytes equal to the length of the longest feature code, where the content to be scanned is a file to be scanned or a message to be scanned; and then sending each segment of the current content to be scanned to a currently idle thread for scanning. The method and device can identify a network threat feature code that spans two segments of the same message or the same file to be scanned, which makes feature code identification more accurate and reduces the miss rate for network threats.

Description

Scanning method and device
Technical field
The embodiments of the invention relate to communication technology, and in particular to a scanning method and device.
Background
With the rapid development of network applications, the network environment grows more complex by the day, and application-layer security threats such as viruses, spam and rogue software have had a tremendous impact on network security. Security gateway devices such as intrusion detection systems, antivirus gateways and anti-spam gateways usually scan the content to be scanned using content feature codes of attacks, viruses and spam, checking whether a network threat feature code appears in that content. With the continued development of multithreading and on-chip multiprocessor technology, general-purpose multi-core central processing units (CPUs) have replaced traditional CPUs.
One prior-art scanning method divides the content to be scanned into several segments according to the number of currently idle CPUs or threads, and each idle CPU or thread scans one segment.
In the course of implementing the invention, the inventor found that when content is scanned in the prior art, a network threat feature code that spans two segments of the same message or the same file to be scanned cannot be identified, so the network threat goes unreported.
Summary of the invention
The embodiments of the invention provide a scanning method and device that solve the problem that a network threat feature code cannot be identified when it spans two segments of the same message or the same file to be scanned. They identify network threat feature codes in the content to be scanned accurately and reduce missed network threats.
An embodiment of the invention provides a scanning method, comprising:
determining the number of segments of the current content to be scanned according to the number of currently idle threads, where the content to be scanned is a file to be scanned or a message to be scanned;
determining the length of each segment of the current content to be scanned according to the length of the current content to be scanned, the maximum feature code length among the network threat feature codes, and the number of segments, such that two adjacent segments overlap by a number of bytes equal to the maximum feature code length;
sending each segment of the current content to be scanned to a currently idle thread for scanning.
An embodiment of the invention also provides a scanning device, comprising:
a segmentation module, configured to determine the number of segments of the current content to be scanned according to the number of currently idle threads, where the content to be scanned is a file to be scanned or a message to be scanned, and to determine the length of each segment of the current content to be scanned according to the length of the current content to be scanned, the maximum feature code length among the network threat feature codes, and the number of segments, such that two adjacent segments overlap by a number of bytes equal to the maximum feature code length;
a scanning module, configured to send each segment of the current content to be scanned to a currently idle thread for scanning.
The scanning method and device provided by the embodiments of the invention segment the content to be scanned according to the maximum feature code length among the network threat feature codes and the number of idle threads. They can identify a network threat feature code that spans two segments of the same message or the same file to be scanned, which makes feature code identification more accurate and reduces missed network threats.
Description of drawings
To describe the technical solutions of the embodiments of the invention or of the prior art more clearly, the drawings needed for describing the embodiments are briefly introduced below. The drawings described below show only some embodiments of the invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of the first embodiment of the scanning method provided by the embodiments of the invention;
Fig. 2 is a flow chart of the second embodiment of the scanning method provided by the embodiments of the invention;
Fig. 3 is a structural diagram of the first embodiment of the scanning device provided by the embodiments of the invention;
Fig. 4 is a structural diagram of the second embodiment of the scanning device provided by the embodiments of the invention.
Detailed description of the embodiments
The technical solutions of the embodiments of the invention are described clearly and completely below with reference to the drawings. The described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments that those of ordinary skill in the art obtain from the embodiments of the invention without creative effort fall within the scope of protection of the invention.
Fig. 1 is a flow chart of the first embodiment of the scanning method provided by the embodiments of the invention. As shown in Fig. 1, the method comprises:
Step 101: segment the current content to be scanned according to the maximum feature code length among the network threat feature codes and the number of currently idle threads, such that two adjacent segments overlap by a number of bytes equal to the maximum feature code length, where the content to be scanned is a file to be scanned or a message to be scanned.
For ease of description, the embodiments of the invention refer to illegal attacks, network viruses, spam and the like in the network collectively as network threats; accordingly, the feature codes (signatures) of these illegal attacks, network viruses or spam are collectively called network threat feature codes. The feature code with the most characters among the network threat feature codes is called the maximum feature code, and the maximum feature code length is the number of characters in the maximum feature code. In addition, scanning for network viruses is usually performed on one or more files, whereas scanning for illegal attacks is usually performed on a series of messages. The content to be scanned therefore comprises files to be scanned or messages to be scanned.
When content is scanned, whether it contains a network threat is judged mainly by checking whether it contains a network threat feature code. The network threat feature codes are known. Before the current content to be scanned is scanned, the length of the maximum feature code among the known network threat feature codes and the number of currently idle threads must first be obtained. In the embodiments of the invention, idle threads and idle CPUs are collectively called idle threads.
Specifically, the number of segments of the current content to be scanned can be determined from the number of currently idle threads. For example, if there are 3 currently idle threads, the current content to be scanned can be divided into 3 segments. Further, the length of the segment that each currently idle thread needs to scan can be determined from the length of the current content to be scanned, the maximum feature code length and the number of segments. The length of each segment is determined from the maximum feature code length so that every two adjacent segments overlap by a number of bytes equal to the maximum feature code length. For example, the first segment covers bytes 0 to n; if the maximum feature code length is y, the second segment starts at position n-y. This avoids the problem that a network threat feature code spanning two segments of the same message or the same file cannot be identified when each idle thread scans its own segment.
Step 102: send each segment of the current content to be scanned to a currently idle thread for scanning.
When the current content to be scanned is segmented, a corresponding thread performs the segmentation. After the current content to be scanned has been segmented, the thread that performed the segmentation sends each segment of the content to be scanned to a currently idle thread for scanning.
The scanning method provided by the embodiments of the invention segments the content to be scanned according to the maximum feature code length among the network threat feature codes and the number of idle threads. It can identify a network threat feature code that spans two segments of the same message or the same file, which makes feature code identification more accurate and reduces missed network threats.
Fig. 2 is a flow chart of the second embodiment of the scanning method provided by the embodiments of the invention. As shown in Fig. 2, the method comprises:
Step 201: obtain the maximum feature code length among the network threat feature codes and the number of currently idle threads;
Step 202: determine the number of segments of the current content to be scanned according to the number of currently idle threads;
Step 203: determine the length of each segment of the current content to be scanned according to the length of the current content to be scanned, the maximum feature code length among the network threat feature codes, and the number of segments;
Specifically, the number of segments of the current content to be scanned can be determined from the number of currently idle threads. Further, the length of the segment that each currently idle thread needs to scan can be determined from the length of the current content to be scanned, the maximum feature code length among the network threat feature codes, and the number of segments. Segmentation can follow the formula:
len=(x+(z-1)*y)/z
where len is the segment length, x is the length of the current content to be scanned, y is the maximum feature code length, and z is the number of segments.
The first segment then covers the first byte to byte len of the content of length x, the second segment covers byte len-y to byte 2*len-y, ..., and the n-th segment covers byte (n-1)*(len-y) to byte n*len-(n-1)*y. Every two adjacent segments overlap by y bytes, so a network threat feature code that spans two segments of the same message or the same file can be identified.
Step 204: send each segment of the current content to be scanned to a currently idle thread for scanning.
When the currently idle threads each scan a segment of the current content to be scanned, if this scan targets illegal attacks, the content to be scanned is a series of consecutive messages to be scanned, and these messages must be segmented and scanned one after another. Specifically, each time a current message is scanned, the message is first segmented and the currently idle threads then each scan one segment; when the next message arrives, the same segmentation and scanning steps are performed. Scanning of a series of consecutive messages can be carried out in two modes, state-machine and non-state-machine:
Scanning in state-machine mode: in this mode, the known network threat feature codes must be initialized before scanning to generate a state jump table. For example, the network threat feature code is "ABC" and the corresponding states are "123". When the character "A" is scanned in the content to be scanned, the state in memory automatically jumps to state "1"; thus, when the feature code "ABC" is present in the scanned content, the corresponding state in memory changes from "1" to "2" and then to "3" in turn. Because a network threat feature code may span two messages, that is, span the last segment of the first message and the first segment of the second message, after the last segment of the current message to be scanned has been scanned, the final state corresponding to that last segment must be saved in memory, so that a feature code spanning messages can be identified when the first segment of the next message to be scanned is scanned. When the first segment of the next message to be scanned is scanned, memory is first checked for a final state corresponding to the last segment of the previous message to be scanned. If one exists, the state corresponding to the first segment of the current message to be scanned is updated according to that final state. In this way, if a network threat feature code spans the previous message and the current message, the scan of the first segment of the current message continues the state transitions from the state of the previous message's last segment, and the feature code spanning the two messages is identified. If memory holds no saved final state for the last segment of a previous message, the current message may be the first message of the message sequence, and the currently idle threads can directly scan the segments of the current message to be scanned.
Scanning in non-state-machine mode: this is similar to scanning in state-machine mode. Because in non-state-machine mode the network threat feature codes have no corresponding states, to avoid missing a feature code that spans two messages, after the last segment of the current message to be scanned has been scanned, the trailing bytes of that last segment, equal in number to the maximum feature code length, are saved to memory. When the first segment of the next message is to be scanned, if memory holds the saved trailing bytes of the last segment of the previous message to be scanned, those saved bytes are first spliced with the first segment of the current message, and the first segment of the current message to be scanned is then scanned. If memory holds no saved trailing bytes of a previous message's last segment, the current message may be the first message of the message sequence, and the currently idle threads can directly scan the segments of the current message to be scanned.
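Both cross-message modes described above, as an added Python example that is not part of the patent text: a state-machine scanner that saves the final state reached at the end of each message, and a non-state-machine scanner that saves the trailing y bytes and splices them onto the next message. For brevity each message is scanned as a single segment; the class names, the choice of an Aho-Corasick automaton as the state jump table, and the sample messages are assumptions of this example.

```python
from collections import deque


class StateMachineScanner:
    """State-machine mode: the state jump table is an Aho-Corasick automaton."""

    def __init__(self, signatures):
        # Initialization before scanning: build the state jump table.
        self.goto, self.fail, self.out = [{}], [0], [[]]
        for sig in signatures:
            s = 0
            for b in sig:
                if b not in self.goto[s]:
                    self.goto.append({})
                    self.fail.append(0)
                    self.out.append([])
                    self.goto[s][b] = len(self.goto) - 1
                s = self.goto[s][b]
            self.out[s].append(sig)
        queue = deque(self.goto[0].values())
        while queue:  # breadth-first pass that fills in the failure links
            s = queue.popleft()
            for b, t in self.goto[s].items():
                f = self.fail[s]
                while f and b not in self.goto[f]:
                    f = self.fail[f]
                self.fail[t] = self.goto[f].get(b, 0)
                self.out[t] = self.out[t] + self.out[self.fail[t]]
                queue.append(t)
        self.saved_state = None  # final state of the previous message, if any
        self.consumed = 0        # bytes seen so far, for stream offsets

    def scan_packet(self, packet):
        # Resume from the saved final state; start at 0 for the first message.
        s = self.saved_state if self.saved_state is not None else 0
        hits = []
        for i, b in enumerate(packet):
            while s and b not in self.goto[s]:
                s = self.fail[s]
            s = self.goto[s].get(b, 0)
            for sig in self.out[s]:
                hits.append((self.consumed + i + 1 - len(sig), sig))
        self.saved_state = s  # save the final state for the next message
        self.consumed += len(packet)
        return hits


class TailSpliceScanner:
    """Non-state-machine mode: keep the trailing y bytes, splice them on."""

    def __init__(self, signatures):
        self.signatures = list(signatures)
        self.y = max(len(s) for s in self.signatures)  # maximum feature code length
        self.tail = b""
        self.consumed = 0

    def scan_packet(self, packet):
        buf = self.tail + packet
        base = self.consumed - len(self.tail)  # stream offset of buf[0]
        hits = []
        for sig in self.signatures:
            pos = buf.find(sig)
            while pos != -1:
                # A match wholly inside the saved tail was reported earlier.
                if pos + len(sig) > len(self.tail):
                    hits.append((base + pos, sig))
                pos = buf.find(sig, pos + 1)
        self.consumed += len(packet)
        # Taking the tail from the spliced buffer also covers messages
        # shorter than y bytes (an extension beyond the text).
        self.tail = buf[-self.y:]
        return sorted(hits)


def scan_stream(scanner, packets):
    """Feed consecutive messages to one scanner and collect all matches."""
    hits = []
    for packet in packets:
        hits.extend(scanner.scan_packet(packet))
    return hits


# Constructed sample: both feature codes are split across message boundaries.
SIGNATURES = [b"EVILSIG!", b"BAD"]
PACKETS = [b"....EVIL", b"SIG!..BA", b"D..."]

if __name__ == "__main__":
    print(scan_stream(StateMachineScanner(SIGNATURES), PACKETS))
    print(scan_stream(TailSpliceScanner(SIGNATURES), PACKETS))
```

Scanning each message with a fresh scanner, that is, with nothing carried over, finds neither feature code in these three messages.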
The scanning method provided by the embodiments of the invention segments the content to be scanned according to the maximum feature code length among the network threat feature codes and the number of idle threads, and can identify a network threat feature code that spans two segments of the same message or the same file. When a series of messages is scanned, before the first segment of the current message to be scanned is scanned, either the current state is updated according to the final state corresponding to the last segment of the previous message to be scanned, or the trailing bytes of the previous message's last segment, equal in number to the maximum feature code length, are spliced with the first segment of the current message. A network threat feature code that spans two messages can thus be identified, which makes feature code identification more accurate and reduces missed network threats.
Those of ordinary skill in the art will understand that all or some of the steps of the above method embodiments may be carried out by hardware under the control of program instructions. The program may be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments. The storage medium includes any medium that can store program code, such as ROM, RAM, a magnetic disk or an optical disc.
Fig. 3 is a structural diagram of the first embodiment of the scanning device provided by the embodiments of the invention. As shown in Fig. 3, the device comprises a segmentation module 31 and a scanning module 32. The segmentation module 31 is configured to segment the current message to be scanned according to the maximum feature code length among the network threat feature codes and the number of currently idle threads, such that two adjacent segments overlap by a number of bytes equal to the maximum feature code length, where the content to be scanned is a file to be scanned or a message to be scanned. The scanning module 32 is configured to send each segment of the current content to be scanned to a currently idle thread for scanning.
When content is scanned, whether it contains a network threat is judged mainly by checking whether it contains a network threat feature code. These network threat feature codes are known. Before the current file to be scanned is scanned, the maximum feature code length among the known network threat feature codes and the number of currently idle threads must first be obtained.
The segmentation module 31 can determine the number of segments of the current content to be scanned from the number of currently idle threads. For example, if there are 3 currently idle threads, the current content to be scanned can be divided into 3 segments. Further, the segmentation module 31 can determine the length of the segment that each currently idle thread needs to scan from the length of the current content to be scanned, the maximum feature code length and the number of segments. The length of each segment is determined from the maximum feature code length so that every two adjacent segments overlap by a number of bytes equal to the maximum feature code length. For example, the first segment covers bytes 0 to n; if the maximum feature code length is y, the second segment starts at position n-y. This avoids the problem that a network threat feature code spanning two segments of the same message or the same file cannot be identified when each idle thread scans its own segment. After the segmentation module 31 has segmented the current content to be scanned, the scanning module 32 sends the segments to the currently idle threads for scanning.
The scanning device provided by the embodiments of the invention segments the content to be scanned according to the maximum feature code length among the network threat feature codes and the number of idle threads. It can identify a network threat feature code that spans two segments of the same message or the same file, which makes feature code identification more accurate and reduces missed network threats.
Fig. 4 is a structural diagram of the second embodiment of the scanning device provided by the embodiments of the invention. As shown in Fig. 4, the device comprises the segmentation module 31 and the scanning module 32. Further, the device may also comprise a saving module 33 and an update module 34, and the segmentation module 31 may comprise a first division unit 311 and a second division unit 312. The saving module 33 is configured to save to memory the final state corresponding to the last segment of the current message to be scanned, or to save to memory the trailing bytes of the last segment of the current content to be scanned, equal in number to the maximum feature code length. The update module 34 is configured to update the state corresponding to the first segment of the current message to be scanned according to the final state, if memory holds a final state corresponding to the last segment of the previous message to be scanned; or, if memory holds the saved trailing bytes of the last segment of the previous message to be scanned, to splice those bytes with the first segment of the current message to be scanned, generating a new first segment of the message to be scanned. The first division unit 311 is configured to determine the number of segments of the current content to be scanned according to the number of currently idle threads. The second division unit 312 is configured to determine the length of each segment of the current content to be scanned according to the length of the current content to be scanned, the maximum feature code length and the number of segments.
Specifically, the first division unit 311 in the segmentation module 31 can determine the number of segments of the current content to be scanned from the number of currently idle threads. Further, the second division unit 312 can determine the length of the segment that each currently idle thread needs to scan from the length of the current content to be scanned, the maximum feature code length and the number of segments. Segmentation can follow the formula:
len=(x+(z-1)*y)/z
where len is the segment length, x is the length of the current content to be scanned, y is the maximum feature code length, and z is the number of segments.
The first segment then covers the first byte to byte len of the content of length x, the second segment covers byte len-y to byte 2*len-y, ..., and the n-th segment covers byte (n-1)*(len-y) to byte n*len-(n-1)*y. Every two adjacent segments overlap by y bytes, which avoids the problem that a network threat feature code cannot be identified when it spans two segments of the same message or the same file.
When the scanning module 32 directs the currently idle threads to each scan a segment of the current content to be scanned, if this scan targets illegal attacks, the content to be scanned is a series of consecutive messages to be scanned, and these messages must be segmented and scanned one after another. Specifically, each time a current message is scanned, the message is first segmented and the currently idle threads then each scan one segment; when the next message arrives, the same segmentation and scanning steps are performed. Scanning of a series of consecutive messages can be carried out in two modes, state-machine and non-state-machine, specifically:
Scanning in state-machine mode: after the scanning module 32 has scanned the last segment of the current message to be scanned, the saving module 33 saves the final state corresponding to that last segment to memory. Later, when the scanning module 32 is to scan the first segment of the next message to be scanned, memory is first checked for a final state corresponding to the last segment of the previous message to be scanned. If one exists, the update module 34 updates the state corresponding to the first segment of the current message to be scanned according to that final state, and the scanning module 32 then scans the first segment of the current message to be scanned.
Scanning in non-state-machine mode: after the scanning module 32 has scanned the last segment of the current message to be scanned, the saving module 33 saves to memory the trailing bytes of that last segment, equal in number to the maximum feature code length. Later, when the scanning module 32 is to scan the first segment of the next message to be scanned, if memory holds the saved trailing bytes of the last segment of the previous message to be scanned, the update module 34 first splices those saved bytes with the first segment of the current message to be scanned, and the scanning module 32 then scans the first segment of the current message to be scanned. If memory holds no saved trailing bytes of a previous message's last segment, the current message may be the first message of the message sequence, and the scanning module 32 can directly have the currently idle threads scan the segments of the current message to be scanned. The scanning process in both the state-machine and non-state-machine modes is described in detail in the method embodiments and is not repeated here.
The scanning device provided by the embodiments of the invention segments the content to be scanned according to the maximum feature code length among the network threat feature codes and the number of idle threads, and can identify a network threat feature code that spans two segments of the same message or the same file. When a series of messages is scanned, before the first segment of the current message to be scanned is scanned, either the current state is updated according to the final state corresponding to the last segment of the previous message to be scanned, or the trailing bytes of the previous message's last segment, equal in number to the maximum feature code length, are spliced with the first segment of the current message. A network threat feature code that spans two messages can thus be identified, which makes feature code identification more accurate and reduces missed network threats.
Finally, it should be noted that the above embodiments are intended only to illustrate the technical solutions of the invention, not to limit them. Although the invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the invention.

Claims (8)

1. a scan method is characterized in that, comprising:
Confirm the segments of current content to be scanned according to current idle thread number, said content to be scanned is file to be scanned or message to be scanned;
Each segment length according to the maximum condition code length in said current content-length to be scanned, the Cyberthreat condition code and said segments are confirmed said current content to be scanned makes an overlapping said maximum condition code length byte between two adjacent segmentations;
Each section of said current content to be scanned sent into current each idle thread respectively to be scanned.
2. method according to claim 1 is characterized in that, if said content to be scanned is a message to be scanned, then also comprises:
Before scanning, said Cyberthreat condition code is carried out initialization, generate the state jump list;
The corresponding end-state of said current message rear to be scanned is saved to internal memory.
3. method according to claim 2 is characterized in that, also comprises:
If preserve an end-state that message rear to be scanned is corresponding in the internal memory, then upgrade according to the state of said end-state to first section correspondence of said current message to be scanned.
4. method according to claim 1 is characterized in that, if said content to be scanned is a message to be scanned, then also comprises:
A said current message rear to be scanned said maximum condition code length byte reciprocal is saved to internal memory.
5. method according to claim 4 is characterized in that, also comprises:
If preserve a message rear to be scanned said maximum condition code length byte reciprocal in the internal memory; Then a said last message rear to be scanned said maximum condition code length byte reciprocal and said current message to be scanned are spliced for first section, generate first section of new message to be scanned.
6. a scanning means is characterized in that, comprising:
Segmentation module is used for confirming according to current idle thread number the segments of current content to be scanned, and said content to be scanned is file to be scanned or message to be scanned; Each segment length according to the maximum condition code length in said current content-length to be scanned, the Cyberthreat condition code and said segments are confirmed said current content to be scanned makes an overlapping said maximum condition code length byte between two adjacent segmentations;
Scan module is used for that each section of said current content to be scanned sent into current each idle thread respectively and scans.
7. device according to claim 6 is characterized in that, if said scans content is a message to be scanned, then also comprises:
Preserve module, be used for before scanning, said Cyberthreat condition code being carried out initialization, generate the state jump list; The corresponding end-state of said current message rear to be scanned is saved to internal memory; Perhaps a said current content rear to be scanned said maximum condition code length byte reciprocal is saved to said internal memory.
8. The device according to claim 7, characterized in that it further comprises:
An update module, configured to: if said memory holds an end state corresponding to the tail of a previous message to be scanned, update the state corresponding to the first segment of said current message to be scanned according to said end state; and, if the memory holds the last bytes at the tail of a previous message to be scanned, equal in number to said maximum feature code length, splice those bytes of said previous message with the first segment of said current message to be scanned to generate a new first segment of the message to be scanned.
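The following sketch illustrates the overlapped segmentation of claim 6 and the tail-byte carry-over of claims 4 and 5. It is an added example, not code from the patent: the function and class names are hypothetical, the signatures and payloads are constructed, and a plain `bytes.find` search stands in for the state transition table mentioned in claim 7.

```python
from concurrent.futures import ThreadPoolExecutor

def split_with_overlap(data, n_segments, overlap):
    """Cut data into at most n_segments pieces; neighbours share `overlap` bytes."""
    base = max(1, -(-len(data) // max(1, n_segments)))  # ceil(len / n), at least 1
    return [(s, data[s:s + base + overlap]) for s in range(0, len(data), base)]

def scan_segment(offset, chunk, signatures):
    """Return {(absolute_offset, signature)} for every match inside one segment."""
    hits = set()
    for sig in signatures:
        pos = chunk.find(sig)  # assumption: substring search replaces the state table
        while pos != -1:
            hits.add((offset + pos, sig))
            pos = chunk.find(sig, pos + 1)
    return hits

def scan_parallel(data, signatures, idle_threads, overlap, base_offset=0):
    """Scan each segment on its own worker; the set removes overlap duplicates."""
    segments = split_with_overlap(data, idle_threads, overlap)
    with ThreadPoolExecutor(max_workers=max(1, idle_threads)) as pool:
        parts = pool.map(
            lambda s: scan_segment(base_offset + s[0], s[1], signatures), segments)
        return set().union(*parts)

class MessageScanner:
    """Carries the tail bytes of one message into the next (claims 4 and 5)."""
    def __init__(self, signatures, idle_threads):
        self.signatures = list(signatures)
        self.max_len = max(len(s) for s in self.signatures)
        self.idle_threads = idle_threads
        self.tail = b""      # saved trailing bytes of the previous message
        self.consumed = 0    # stream offset where the current message starts

    def scan_message(self, msg):
        data = self.tail + msg  # splice the saved tail onto the first segment
        base = self.consumed - len(self.tail)
        hits = scan_parallel(data, self.signatures, self.idle_threads, self.max_len, base)
        # Matches that ended inside the previous message were already reported.
        hits = {h for h in hits if h[0] + len(h[1]) > self.consumed}
        self.tail = data[-self.max_len:]
        self.consumed += len(msg)
        return hits

# Constructed sample data, not real threat signatures.
SIGNATURES = [b"EVIL", b"BADSIG"]
FILE_DATA = b"aaaaBADSIGbbbbbbbb"  # BADSIG straddles the first 6-byte boundary
```

With three workers and no overlap the straddling signature in `FILE_DATA` is missed; with an overlap equal to the longest signature it is found once, at offset 4.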
CN2009100936824A 2009-09-27 2009-09-27 Scanning method and device thereof Expired - Fee Related CN101662467B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009100936824A CN101662467B (en) 2009-09-27 2009-09-27 Scanning method and device thereof

Publications (2)

Publication Number Publication Date
CN101662467A CN101662467A (en) 2010-03-03
CN101662467B true CN101662467B (en) 2012-08-22

Family

ID=41790254

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009100936824A Expired - Fee Related CN101662467B (en) 2009-09-27 2009-09-27 Scanning method and device thereof

Country Status (1)

Country Link
CN (1) CN101662467B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101950339B (en) * 2010-09-14 2012-01-25 上海置水软件技术有限公司 Security protection method and system of computer
CN110351220A (en) * 2018-04-02 2019-10-18 蓝盾信息安全技术有限公司 One kind realizing gateway efficient data scanning technique based on packet filtering
CN114817327A (en) * 2022-04-24 2022-07-29 垒知(成都)科技研究院有限公司 File version identification method, system, terminal equipment and storage medium
CN119066082A (en) * 2024-09-02 2024-12-03 武汉达梦数据库股份有限公司 Optimization method, device and system for target-side concurrency in database synchronization

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7099853B1 (en) * 2004-02-09 2006-08-29 Trend Micro Incorporated Configurable hierarchical content filtering system
CN101141453A (en) * 2006-05-19 2008-03-12 美国凹凸微系有限公司 Anti-virus and firewall system
CN101442412A (en) * 2008-12-18 2009-05-27 西安交通大学 Method for prewarning aggression based on software defect and network aggression relation excavation

Also Published As

Publication number Publication date
CN101662467A (en) 2010-03-03

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C56 Change in the name or address of the patentee

Owner name: HUAWEI DIGITAL TECHNOLOGY (CHENGDU) CO., LTD.

Free format text: FORMER NAME: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD.

CP01 Change in the name or title of a patent holder

Address after: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River

Patentee after: Huawei Symantec Technologies Co., Ltd.

Address before: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River

Patentee before: Chengdu Huawei Symantec Technologies Co., Ltd.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120822

Termination date: 20190927
