CN107370747A - A kind of method and device for preventing malicious file from propagating - Google Patents

A kind of method and device for preventing malicious file from propagating Download PDF

Info

Publication number
CN107370747A
CN107370747A CN201710691531.3A CN201710691531A CN107370747A CN 107370747 A CN107370747 A CN 107370747A CN 201710691531 A CN201710691531 A CN 201710691531A CN 107370747 A CN107370747 A CN 107370747A
Authority
CN
China
Prior art keywords
file
file destination
server
terminal
solicited message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710691531.3A
Other languages
Chinese (zh)
Inventor
吕玉超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qianxin Technology Co Ltd
Original Assignee
Beijing Qianxin Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qianxin Technology Co Ltd filed Critical Beijing Qianxin Technology Co Ltd
Priority to CN201710691531.3A priority Critical patent/CN107370747A/en
Publication of CN107370747A publication Critical patent/CN107370747A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

Embodiment of the invention discloses that a kind of method and device for preventing malicious file from propagating, proxy server in this method is receiving being uploaded to server or after the solicited message of server downloading object file of terminal transmission, obtains the file destination.The file destination is checked, so as to judge the security of the file destination.Only when the file destination does not carry malicious virus, just the file destination can be uploaded onto the server or be sent to terminal according to solicited message.And when the file destination is malicious file, then the file destination is put into viral isolated area.File destination can not be run in viral isolated area, also it can not upload onto the server or be sent to terminal, so as to prevent the propagation of malicious file, malicious file is eliminated to server and the security threat of terminal, while also prevent malicious file to attack proxy server in itself.

Description

A kind of method and device for preventing malicious file from propagating
Technical field
The present invention relates to technical field of network security, more particularly, to a kind of method for preventing malicious file from propagating and dress Put.
Background technology
Network agent refers to allowing a network terminal (generally client) to pass through this service and another network Terminal (generally server) carries out indirect connection.The network equipments such as some gateways, router possess network agent function. In network agent, client creates with proxy server connect first, is assisted then according to being acted on behalf of used in proxy server View, ask to create server connection or obtain the specified resource of server (such as:File).
However, when user is to transmitting file on cloud server, if the file uploaded is malicious file, high in the clouds clothes are uploaded to The malicious file of business device can not only influence the performance of cloud server, can also cause the propagation of malicious file.Meanwhile when user from When cloud server downloads file, if the file downloaded is malicious file, the terminal for also resulting in download this document is disliked by this The attack of meaning file.
During the embodiment of the present invention is realized, inventor has found to transmit between the terminal of existing user and server In file processes, easily because the file of transmission is malicious file, so as to cause the propagation of malicious file, be user terminal and The safety belt of server threatens.
The content of the invention
The technical problems to be solved by the invention are that how to solve to transmit text between the terminal of existing user and server It is the terminal kimonos of user so as to cause the propagation of malicious file easily because the file of transmission is malicious file during part The problem of safety belt of business device is to threaten.
For above technical problem, the embodiment provides a kind of method for preventing malicious file from propagating, including:
The solicited message to server upload or from server downloading object file that receiving terminal is sent;
The file destination is obtained according to the solicited message;
If the file destination carries malicious virus, the file destination is stored in viral isolated area;
If the file destination uploads to the file destination according to the solicited message not carry malicious virus The server is sent to the terminal.
Alternatively, if the file destination carries malicious virus, the file destination is stored in viral isolation After area, in addition to:
Judge whether the file destination can be repaired not carry the secure file of malicious virus, if so, by the target File reparation is the secure file;
The secure file is uploaded to by the server according to the solicited message or sends the secure file To the terminal.
Alternatively, in addition to:
If the file destination can not be repaired as the secure file, and the solicited message is to be uploaded to the server The file destination, then it is malicious file to send the file destination to the terminal, can not upload to the of the server One prompt message, and send the second prompt message that request staff is handled the file destination;
If the file destination can not be repaired as the secure file, and the solicited message is to be downloaded from the server The file destination, then send the file destination to the terminal and be the 3rd prompt message of malicious file, and send request The 4th prompt message that staff is handled the file destination.
Alternatively, it is described send the file destination to the terminal as the 3rd prompt message of malicious file after, also Including:
If receiving the information for confirming to download the file destination, the file destination is sent to the terminal.
Alternatively, it is described to send the second prompt message or the hair that request staff is handled the file destination After sending the 4th prompt message that request staff is handled the file destination, in addition to:
If receiving the command information for deleting the file destination, the file destination is deleted.
Alternatively, the solicited message from server downloading object file that the receiving terminal is sent;According to the request File destination described in acquisition of information, including:
Receive the solicited message from server downloading object file that the terminal is sent, by the solicited message send to The server;
The feedback information of the server is received, the target text is downloaded from the server according to the feedback information Part.
Alternatively, the solicited message that file destination is uploaded to server that the receiving terminal is sent;According to the request File destination described in acquisition of information, including:
Receive the solicited message that the file destination is uploaded to the server that the terminal is sent;
Obtain the file destination corresponding to the solicited message.
Second aspect, embodiments of the invention additionally provide a kind of device for preventing malicious file from propagating, including:
Receiving module, the request letter to server upload or from server downloading object file sent for receiving terminal Breath
Acquisition module, for obtaining the file destination according to the solicited message;
First processing module, if carrying malicious virus for the file destination, the file destination is stored in disease Malicious isolated area;
Second processing module, if for the file destination not carry malicious virus, will according to the solicited message The file destination uploads to the server or is sent to the terminal.
Alternatively, the first processing module is additionally operable to judge whether the file destination can be repaired not carry malice disease The secure file of poison, if so, being the secure file by the file destination reparation;According to the solicited message by the safety File uploads to the server or the secure file is sent into the terminal.
Alternatively, the first processing module is additionally operable to:
If the file destination can not be repaired as the secure file, and the solicited message is to be uploaded to the server The file destination, then it is malicious file to send the file destination to the terminal, can not upload to the of the server One prompt message, and send the second prompt message that request staff is handled the file destination;
If the file destination can not be repaired as the secure file, and the solicited message is to be downloaded from the server The file destination, then send the file destination to the terminal and be the 3rd prompt message of malicious file, and send request The 4th prompt message that staff is handled the file destination.
Alternatively, will if the first processing module is additionally operable to receive the information for confirming to download the file destination The file destination is sent to the terminal.
The first processing module is additionally operable to second that transmission request staff is handled the file destination and carried After showing information or sending the 4th prompt message that request staff is handled the file destination, deleted if receiving Except the command information of the file destination, then the file destination is deleted.
Alternatively, the first processing module is additionally operable to receive that the terminal sends from server downloading object file Solicited message, the solicited message is sent to the server;
The acquisition module is additionally operable to receive the feedback information of the server, according to the feedback information from the service Device downloads the file destination.
Alternatively, the receiving module is additionally operable to receive the literary to the server upload target of the terminal transmission The solicited message of part;
The acquisition module is additionally operable to obtain the file destination corresponding to the solicited message.
The third aspect, embodiments of the invention additionally provide a kind of electronic equipment, including:
At least one processor, at least one memory, communication interface and bus;Wherein,
The processor, memory, communication interface complete mutual communication by the bus;
The communication interface is used between the electronic equipment and the communication equipment of server or the communication equipment of terminal Information transfer;
The memory storage has and by the programmed instruction of the computing device, the processor described program can be called to refer to Order is able to carry out the process described above.
Fourth aspect, embodiments of the invention additionally provide a kind of non-transient computer readable storage medium storing program for executing, described non-temporary State computer-readable recording medium storage computer instruction, the computer instruction make the computer perform above-described side Method.
The embodiment provides a kind of method and device for preventing malicious file from propagating, the server in this method Either proxy server is receiving the request letter to server upload or from server downloading object file of terminal transmission After breath, the file destination is obtained.The file destination is checked, so as to judge the security of the file destination.Only when this When file destination does not carry malicious virus, just the file destination can be uploaded onto the server or be sent to end according to solicited message End.And when the file destination is malicious file, then the file destination is put into viral isolated area.File destination is isolated in virus Area can not be run, and also can not upload onto the server or be sent to terminal, so as to prevent the propagation of malicious file, eliminate evil File anticipate to server and the security threat of terminal, at the same also prevent malicious file to server or proxy server in itself Attacked.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are this hairs Some bright embodiments, for those of ordinary skill in the art, on the premise of not paying creative work, can be with root Other accompanying drawings are obtained according to these accompanying drawings.
Fig. 1 is the schematic flow sheet for the method for preventing malicious file from propagating that one embodiment of the invention provides;
Fig. 2 is the relation schematic diagram between another embodiment of the present invention offer terminal, server and proxy server;
Fig. 3 is the structural representation for the proxy server that another embodiment of the present invention provides;
Fig. 4 is the structured flowchart for the device for preventing malicious file from propagating that another embodiment of the present invention provides;
Fig. 5 is the structured flowchart for the electronic equipment that another embodiment of the present invention provides.
Embodiment
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with the embodiment of the present invention In accompanying drawing, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is Part of the embodiment of the present invention, rather than whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art The every other embodiment obtained under the premise of creative work is not made, belongs to the scope of protection of the invention.
Fig. 1 is the schematic flow sheet for the method that a kind of prevention malicious file that the present embodiment provides is propagated, should referring to Fig. 1 Method includes:
101:The solicited message to server upload or from server downloading object file that receiving terminal is sent;
102:The file destination is obtained according to the solicited message;
103:If the file destination carries malicious virus, the file destination is stored in viral isolated area;
104:If the file destination is does not carry malicious virus, according to the solicited message by the file destination Pass to the server or be sent to the terminal.
It should be noted that the method that the present embodiment provides is by being arranged on the communication link between server and terminal Proxy server is performed, or is performed by server, and the present embodiment is not specifically limited to this.It will be appreciated that the present embodiment The method of offer is also applied for connection two mutually in the connection equipment of the equipment of transmission data, for ensureing that the two are mutually passed on from one to another The security of the equipment of transmission of data.Described malicious virus includes computer virus, worm, wooden horse etc., this implementation in the present embodiment Example is not specifically limited to this.
Wherein, if the file destination is does not carry malicious virus, according to the solicited message by the target File uploads to the server or is sent to the terminal, including:
If the file destination is does not carry malicious virus, and the solicited message is to upload the target text to server Part, then the file destination is uploaded into the server;
If the file destination is does not carry malicious virus, and the solicited message is to download the target text from server Part, then the file destination is sent to the terminal.
For example, Fig. 2 shows the relation schematic diagram between terminal in the present embodiment, server and proxy server, ginseng Fig. 2 is seen, when terminal 201 (mobile phone or computer) is to transmitting file on cloud server 203, according to the path A in Fig. 2, terminal 201 file destinations that will be uploaded are sent to proxy server 202, and file destination is uploaded into cloud service by proxy server Device 203.The method kind that the present embodiment provides, after file destination is uploaded to proxy server 202, proxy server 202 is to this File destination is scanned, and judges whether the file destination is malicious file, if it is not, file destination then is uploaded into high in the clouds clothes Business device 203, otherwise, is stored in viral isolated area by the file destination, prevents the propagation of the file destination.When terminal takes from high in the clouds During business 203 downloading object file of device, after proxy server 202 receives the request of the downloading object file of the transmission of terminal 201, press According to the path B in Fig. 2, proxy server 202 is scanned to file destination, sentenced from the downloading object file of cloud server 203 Whether the disconnected file destination is malicious file, if it is not, the file destination then is sent into terminal 201, otherwise, by target text Part is stored in viral isolated area, prevents the propagation of the file destination.
It will be appreciated that if the solicited message that the file destination is uploaded to server that receiving terminal is sent, described The identification information of terminal, and the identification information of file destination are carried in solicited message, while terminal can send out file destination Deliver to proxy server.If the solicited message from server downloading object file that receiving terminal is sent, taken in solicited message Identification information with terminal is, it is necessary to the identification information for the file destination downloaded.Electricity
Malicious virus is the code for the destruction computer function or data inserted in a program, and can influence computer makes With the one group of computer instruction or program code of energy self-replacation.Malicious file considers the file of the computer to carry.Judge During whether file destination is malicious file, file destination is scanned, checks whether it includes malicious virus, if bag Contain, then judge that file destination is malicious file, if not including, judge that file destination is not malicious file.Judge file destination Whether it is that the process of malicious file can be performed by the antivirus engine on proxy server or antivirus software, the present embodiment is to this It is not specifically limited.
Viral isolated area is a special folder for being used to deposit file, and the file in isolated area can not be run, every The other parts in the system of the equipment where it can not be also run or infected from the virus in area.
In order to prevent the maloperation to caused by malicious file direct deletion, identifying file destination for evil in the present embodiment Anticipate after file, viral isolated area is arrived into file destination storage.Viral isolated area whether file destination may be repaired into Row judge, if can repair, by file destination reparation be secure file after, send it to terminal or be uploaded to service Device.If file destination can not be repaired, the staff of correlation is notified to handle file destination, for example, deleting mesh Mark file.
A kind of method for preventing malicious file from propagating is present embodiments provided, the proxy server in this method is receiving What terminal was sent uploads to server or after the solicited message of server downloading object file, obtains the file destination.It is right The file destination is checked, so as to judge the security of the file destination.Only when the file destination does not carry malicious virus When, just the file destination can be uploaded onto the server or be sent to terminal according to solicited message.And when the file destination is to dislike During meaning file, then the file destination is put into viral isolated area.File destination can not be run in viral isolated area, can not also be uploaded To server or terminal is sent to, so as to prevent the propagation of malicious file, eliminates malicious file to server and terminal Security threat, while also prevent malicious file to attack proxy server in itself.
Further, on the basis of above-described embodiment, if the file destination carries malicious virus, by described in File destination is stored in after viral isolated area, in addition to:
Judge whether the file destination can be repaired not carry the secure file of the malicious virus, if so, by described in File destination reparation is the secure file;
The secure file is uploaded to by the server according to the solicited message or sends the secure file To the terminal.
It should be noted that check whether malicious file can be repaired, and the reparation to malicious file, can be by corresponding Software is realized.For example, the software is checked the position where malicious virus in malicious file, if the text of the malicious file Part head is implanted into by virus, then judges that the malicious file can not be repaired.If the malicious virus is implanted in malicious file, and is deleted Do not influence to run the malicious file after the malicious virus, then judge that the malicious file can be repaired.If it is determined that malicious file energy quilt Repair, then the malicious file is repaired, the secure file after being repaired.It will be appreciated that complete to malicious file After reparation, the secure file after reparation can be produced viral isolated area, then secure file uploaded onto the server again or Send to terminal.
It will be appreciated that it is that file destination is uploaded onto the server to work as solicited message, then by the secure file after reparation Pass to server.If solicited message be downloading object file to terminal, the secure file after reparation is sent to terminal.
What the present embodiment provided is prevented in the method that malicious file is propagated, and whether the file for being stored in viral isolated area can Reparation is carried out to be checked, if can be repaired, by malicious file reparation be secure file after send it to again terminal or Person uploads onto the server.Even if the file that this method is uploaded by the reparation to malicious file is malicious file, can also hinder The only propagation of malicious virus.
Further, on the basis of above-mentioned each embodiment, in addition to:
If the file destination can not be repaired as the secure file, and the solicited message is to be uploaded to the server The file destination, then it is malicious file to send the file destination to the terminal, can not upload to the of the server One prompt message, and send the second prompt message that request staff is handled the file destination;
If the file destination can not be repaired as the secure file, and the solicited message is to be downloaded from the server The file destination, then send the file destination to the terminal and be the 3rd prompt message of malicious file, and send request The 4th prompt message that staff is handled the file destination.
Further, it is described to send the file destination to the terminal to dislike on the basis of above-mentioned each embodiment After the 3rd prompt message of file of anticipating, in addition to:
If receiving the information for confirming to download the file destination, the file destination is sent to the terminal.
Further, it is described to send request staff to the file destination on the basis of above-mentioned each embodiment The 4th prompting letter that the second prompt message or transmission request staff handled is handled the file destination After breath, in addition to:
If receiving the command information for deleting the file destination, the file destination is deleted.
When judging that file destination can not be repaired, then sent and carried to corresponding terminal or staff according to solicited message Show information.For example, when the file destination of terminal upload server is malicious file, and the file destination can not be repaired, a side Face needs to send the first prompting of file destination upload server failure (of course, it is possible to the reason for illustrating to upload failure) to terminal Information, on the other hand, it is necessary to send the second prompt message of the file destination in timely processing virus isolated area to staff. Wherein, the first prompt message can be shown in terminal in the form of barrage, to notify user's file destination upload server Failure, and the file destination is malicious file.Second prompt message, can be by sending out to the mailbox of staff set in advance Mail, or the mode of the sending short message by mobile phone to staff is sent to prompt staff's target of timely processing virus isolated area File.For example, staff on interactive device, is inputting the instruction for deleting the file destination, then corresponding to the proxy server The file destination is deleted.
When terminal is from server downloading object file, if proxy server judges the file destination for malicious file, and When the file destination can not be repaired, on the one hand need to send the 3rd prompt message that file destination is malicious file to terminal.Example Such as, the 3rd prompt message is shown in the form of barrage in terminal, and it is malicious file to prompt user's file destination, if it is determined that Download, after user triggers the button for confirming to download, then terminal sends the letter for confirming to download the file destination to proxy server Breath, after proxy server receives the information, even if the file destination is the malicious file of unrepairable, also by the file destination Send to terminal.On the other hand, it is necessary to staff send timely processing virus isolated area in file destination, and even if 4th prompt message of the file destination in processing server.4th prompt message, can be by work people set in advance Member mailbox send mail, or mode from the sending short message by mobile phone to staff prompt staff's timely processing virus every From the file destination in area.For example, staff on interactive device, is inputting and deleted corresponding to the proxy server or server The instruction of the file destination, then the file destination is deleted.
What the present embodiment provided prevents in the method that malicious file is propagated, and can not be repaired as secure file in file destination During, corresponding prompt message on the one hand is sent to terminal, on the other hand sends corresponding prompt message to staff, with The malicious file on staff's timely processing proxy server and server is notified, the confirmation of staff is avoided to mesh The mistake for marking file is deleted, while it also avoid occupancy of the file destination to storage resource to the timely processing of file destination.
Further, on the basis of above-mentioned each embodiment, what the receiving terminal was sent downloads target from server The solicited message of file;The file destination is obtained according to the solicited message, including:
Receive the solicited message from server downloading object file that the terminal is sent, by the solicited message send to The server;
The feedback information of the server is received, the target text is downloaded from the server according to the feedback information Part.
It should be noted that when terminal is from server downloading object file, terminal sends to proxy server and downloads mesh Mark the solicited message of file.After proxy server receives the solicited message, the solicited message is sent to server, server According to the identification information of the file destination carried in solicited message, sent to proxy server and carry the file destination download address Feedback information, download address of the proxy server in the feedback information can download the file destination.
Further, on the basis of above-mentioned each embodiment the receiving terminal send upload target text to server The solicited message of part;The file destination is obtained according to the solicited message, including:
Receive the solicited message that the file destination is uploaded to the server that the terminal is sent;
Obtain the file destination corresponding to the solicited message.
It should be noted that when terminal to server uploads file destination, terminal sends to proxy server and uploads mesh The solicited message of file is marked, while the file destination for needing to upload onto the server is sent to proxy server.
What the present embodiment provided prevents in the method that malicious file is propagated, for from server downloading object file and to clothes Business device uploads two processes of file destination, and after getting file destination in different ways, the file destination is examined Look into, so as to judge whether file destination is malicious file.
Fig. 3 is the structural representation for the proxy server that the present embodiment provides, and referring to Fig. 3, is wrapped in the proxy server Include file scan engine, virus base and engine renewal engine.For example, proxy server downloads file (target from cloud server File) after, with reference to the Virus Sample (or cloud is killed and looked into) and scanning engine being stored in virus base, pass through file scan engine pair This document is scanned, and judges whether carry malicious virus in this document.
Virus base and engine renewal engine are used to be updated virus base, scanning engine according to renewal rule.By using Family update module can set virus base and engine renewal engine obtains the time of new virus base or engine.Engine, virus Storehouse more new demand servicing is used to provide new engine or virus to virus base and engine renewal engine, so as to obtain virus base and engine more After new engine obtains new engine or virus, the virus base and engine of proxy server are updated.
It will be appreciated that proxy server also includes user configuration module, configuration processing module, by the terminal with user Related parameter and the proxy server is configured, and ensures smoothly establish connection between the terminal and proxy server Relation.Scanning and renewal display module are used for the scan progress that display proxy server is scanned to file.
Fig. 4 shows the structured flowchart for the device that a kind of prevention malicious file that embodiments of the invention provide is propagated, ginseng See Fig. 4, what the present embodiment provided prevents the device that malicious file is propagated, including at receiving module 401, acquisition module 402, first Module 403 and Second processing module 404 are managed, wherein,
Receiving module 401, for being uploaded to server for receiving terminal transmission or asking from server downloading object file Seek information
Acquisition module 402, for obtaining the file destination according to the solicited message;
First processing module 403, if carrying malicious virus for the file destination, the file destination is stored in Viral isolated area;
Second processing module 404, if for the file destination not carry malicious virus, according to the solicited message The file destination is uploaded into the server or is sent to the terminal.
The prevention malice that the device that the prevention malicious file that the present embodiment provides is propagated provides suitable for above-described embodiment The method of file propagation, will not be repeated here.
A kind of device for preventing malicious file from propagating is present embodiments provided, server or agency service in the device Device receive terminal transmission to server upload or after the solicited message of server downloading object file, obtain the mesh Mark file.The file destination is checked, so as to judge the security of the file destination.Only when the file destination does not carry During malicious virus, just the file destination can be uploaded onto the server or be sent to terminal according to solicited message.And work as the target When file is malicious file, then the file destination is put into viral isolated area.File destination can not be run in viral isolated area, Terminal can not be uploaded onto the server or be sent to, so as to prevent the propagation of malicious file, eliminates malicious file to service The security threat of device and terminal, while also prevent malicious file to attack server or proxy server in itself.
The third aspect, Fig. 5 are the structured flowcharts for showing the electronic equipment that the present embodiment provides.
Reference picture 5, the electronic equipment include:Processor (processor) 501, memory (memory) 502, communication Interface (Communications Interface) 503 and bus 504;
Wherein,
The processor 501, memory 502, communication interface 503 complete mutual communication by the bus 504;
The communication interface 503 is used between the electronic equipment and the communication equipment of server or the communication equipment of terminal Information transfer;
The processor 501 is used to call the programmed instruction in the memory 502, to perform above-mentioned each method embodiment The method provided, such as including:The request to server upload or from server downloading object file that receiving terminal is sent Information;The file destination is obtained according to the solicited message;If the file destination carries malicious virus, by the target File is stored in viral isolated area;If the file destination is does not carry malicious virus, according to the solicited message by described in File destination uploads to the server or is sent to the terminal.
Fourth aspect, the present embodiment provide a kind of non-transient computer readable storage medium storing program for executing, and the non-transient computer can Storage medium storage computer instruction is read, the computer instruction is provided the above-mentioned each method embodiment of the computer execution Method, such as including:The solicited message to server upload or from server downloading object file that receiving terminal is sent;Root The file destination is obtained according to the solicited message;If the file destination carries malicious virus, the file destination is deposited Storage is in viral isolated area;If the file destination is does not carry malicious virus, according to the solicited message that the target is literary Part uploads to the server or is sent to the terminal.
The present embodiment discloses a kind of computer program product, and the computer program product includes being stored in non-transient calculating Computer program on machine readable storage medium storing program for executing, the computer program include programmed instruction, when described program instruction is calculated When machine performs, computer is able to carry out the method that above-mentioned each method embodiment is provided, it may for example comprise:What receiving terminal was sent Solicited message to server upload or from server downloading object file;The target text is obtained according to the solicited message Part;If the file destination carries malicious virus, the file destination is stored in viral isolated area;If the file destination Not carry malicious virus, then the file destination is uploaded to by the server according to the solicited message or be sent to institute State terminal.
One of ordinary skill in the art will appreciate that:Realizing all or part of step of above method embodiment can pass through Programmed instruction related hardware is completed, and foregoing program can be stored in a computer read/write memory medium, the program Upon execution, the step of execution includes above method embodiment;And foregoing storage medium includes:ROM, RAM, magnetic disc or light Disk etc. is various can be with the medium of store program codes.
The embodiments such as electronic equipment described above are only schematical, illustrate wherein described as separating component Unit can be or may not be physically separate, can be as the part that unit is shown or may not be thing Manage unit, you can with positioned at a place, or can also be distributed on multiple NEs.It can select according to the actual needs Some or all of module therein is selected to realize the purpose of this embodiment scheme.Those of ordinary skill in the art are not paying wound In the case of the work for the property made, you can to understand and implement.
Through the above description of the embodiments, those skilled in the art can be understood that each embodiment can Realized by the mode of software plus required general hardware platform, naturally it is also possible to pass through hardware.Based on such understanding, on The part that technical scheme substantially in other words contributes to prior art is stated to embody in the form of software product, should Computer software product can store in a computer-readable storage medium, such as ROM/RAM, magnetic disc, CD, including some fingers Make to cause a computer equipment (can be personal computer, server, or network equipment etc.) to perform each implementation Method described in some parts of example or embodiment.
Finally it should be noted that:Various embodiments above is rather than right only illustrating the technical scheme of embodiments of the invention It is limited;Although embodiments of the invention are described in detail with reference to foregoing embodiments, the ordinary skill of this area Personnel should be understood:It can still modify to the technical scheme described in foregoing embodiments, or to which part Or all technical characteristic carries out equivalent substitution;And these modifications or replacement, do not make the essence disengaging of appropriate technical solution The scope of each embodiment technical scheme of embodiments of the invention.

Claims (16)

  1. A kind of 1. method for preventing malicious file from propagating, it is characterised in that including:
    The solicited message to server upload or from server downloading object file that receiving terminal is sent;
    The file destination is obtained according to the solicited message;
    If the file destination carries malicious virus, the file destination is stored in viral isolated area;
    If described in the file destination uploads to the file destination not carry malicious virus, according to the solicited message Server is sent to the terminal.
  2. 2. according to the method described in claim 1, it is characterised in that if the file destination carries malicious virus, After the file destination is stored in into viral isolated area, in addition to:
    Judge whether the file destination can be repaired not carry the secure file of malicious virus, if so, by the file destination Repair as the secure file;
    The secure file is uploaded to by the server according to the solicited message or the secure file is sent to institute State terminal.
  3. 3. according to the method described in claim 2, it is characterised in that also include:
    If the file destination can not be repaired as the secure file, and the solicited message be upload to the server described in File destination, then it is malicious file to send the file destination to the terminal, and can not upload to the server first carries Show information, and send the second prompt message that request staff is handled the file destination;
    If the file destination can not be repaired as the secure file, and the solicited message be download from the server described in File destination, then send the file destination to the terminal and be the 3rd prompt message of malicious file, and send request work The 4th prompt message that personnel are handled the file destination.
  4. 4. according to the method described in claim 3, it is characterised in that described to send the file destination to the terminal to dislike After the 3rd prompt message of file of anticipating, in addition to:
    If receiving the information for confirming to download the file destination, the file destination is sent to the terminal.
  5. 5. according to the method described in claim 3, it is characterised in that described to send request staff to the file destination The 4th prompting letter that the second prompt message or transmission request staff handled is handled the file destination After breath, in addition to:
    If receiving the command information for deleting the file destination, the file destination is deleted.
  6. 6. according to the method described in claim 1, it is characterised in that what the receiving terminal was sent downloads target from server The solicited message of file;The file destination is obtained according to the solicited message, including:
    The solicited message from server downloading object file that the terminal is sent is received, the solicited message is sent to described Server;
    The feedback information of the server is received, the file destination is downloaded from the server according to the feedback information.
  7. 7. according to the method described in claim 1, it is characterised in that what the receiving terminal was sent uploads target to server The solicited message of file;The file destination is obtained according to the solicited message, including:
    Receive the solicited message that the file destination is uploaded to the server that the terminal is sent;
    Obtain the file destination corresponding to the solicited message.
  8. A kind of 8. device for preventing malicious file from propagating, it is characterised in that including:
    Receiving module, the solicited message to server upload or from server downloading object file sent for receiving terminal;
    Acquisition module, for obtaining the file destination according to the solicited message;
    First processing module, if for the file destination carry malicious virus, by the file destination be stored in virus every From area;
    Second processing module, if for the file destination not carry malicious virus, according to the solicited message by described in File destination uploads to the server or is sent to the terminal.
  9. 9. according to the device described in claim 8, it is characterised in that the first processing module is additionally operable to judge the target Whether file can be repaired not carry the secure file of malicious virus, if so, being the safety text by the file destination reparation Part;The secure file is uploaded to by the server according to the solicited message or described in the secure file is sent to Terminal.
  10. 10. according to the device described in claim 9, it is characterised in that the first processing module is additionally operable to:
    If the file destination can not be repaired as the secure file, and the solicited message be upload to the server described in File destination, then it is malicious file to send the file destination to the terminal, and can not upload to the server first carries Show information, and send the second prompt message that request staff is handled the file destination;
    If the file destination can not be repaired as the secure file, and the solicited message be download from the server described in File destination, then send the file destination to the terminal and be the 3rd prompt message of malicious file, and send request work The 4th prompt message that personnel are handled the file destination.
  11. 11. according to the device described in claim 9, it is characterised in that the first processing module is additionally operable to the terminal After sending the 3rd prompt message that the file destination is malicious file, if receiving the letter for confirming to download the file destination Breath, then send the file destination to the terminal.
  12. 12. according to the device described in claim 9, it is characterised in that the first processing module is additionally operable to send request work Make the second prompt message or send request staff to the file destination that personnel are handled the file destination After the 4th prompt message handled, if receiving the command information for deleting the file destination, the target is deleted File.
  13. 13. according to the device described in claim 8, it is characterised in that the receiving module is additionally operable to receive the terminal hair The solicited message from server downloading object file sent, the solicited message is sent to the server;
    The acquisition module is additionally operable to receive the feedback information of the server, according to the feedback information under the server Carry the file destination.
  14. 14. according to the device described in claim 8, it is characterised in that the receiving module is additionally operable to receive the terminal hair That send uploads the solicited message of the file destination to the server;
    The acquisition module is additionally operable to obtain the file destination corresponding to the solicited message.
  15. 15. a kind of electronic equipment, it is characterised in that including:
    At least one processor, at least one memory, communication interface and bus;Wherein,
    The processor, memory, communication interface complete mutual communication by the bus;
    The information that the communication interface is used between the electronic equipment and the communication equipment of server or the communication equipment of terminal Transmission;
    The memory storage has can be by the programmed instruction of the computing device, and the processor calls described program instruction energy Enough perform the method as any one of claim 1 to 7.
  16. 16. a kind of non-transient computer readable storage medium storing program for executing, it is characterised in that the non-transient computer readable storage medium storing program for executing is deposited Computer instruction is stored up, the computer instruction makes the computer perform the method as any one of claim 1 to 7.
CN201710691531.3A 2017-08-14 2017-08-14 A kind of method and device for preventing malicious file from propagating Pending CN107370747A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710691531.3A CN107370747A (en) 2017-08-14 2017-08-14 A kind of method and device for preventing malicious file from propagating

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710691531.3A CN107370747A (en) 2017-08-14 2017-08-14 A kind of method and device for preventing malicious file from propagating

Publications (1)

Publication Number Publication Date
CN107370747A true CN107370747A (en) 2017-11-21

Family

ID=60309763

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710691531.3A Pending CN107370747A (en) 2017-08-14 2017-08-14 A kind of method and device for preventing malicious file from propagating

Country Status (1)

Country Link
CN (1) CN107370747A (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108156170A (en) * 2018-01-03 2018-06-12 郑州云海信息技术有限公司 Checking and killing method is isolated in a kind of Cloud Server virus
CN108650251A (en) * 2018-04-27 2018-10-12 北京奇安信科技有限公司 A kind of display processing method and device of network security comprehensive situation perception data
CN109063472A (en) * 2018-05-30 2018-12-21 太仓鸿策拓达科技咨询有限公司 Security of Network Database toxicological operation protective system
CN109194739A (en) * 2018-09-03 2019-01-11 中国平安人寿保险股份有限公司 A kind of file uploading method, storage medium and server
CN109933981A (en) * 2017-12-18 2019-06-25 中标软件有限公司 Virus scan optimization method
CN111712820A (en) * 2017-12-21 2020-09-25 迈克菲有限责任公司 Method and apparatus for securing a mobile device
CN112347041A (en) * 2020-11-03 2021-02-09 紫光云引擎科技(苏州)有限公司 Industrial cloud application store system file uploading security scanning method and system
CN112506699A (en) * 2020-11-25 2021-03-16 江苏恒信和安电子科技有限公司 Data security backup method, equipment and system
CN112528285A (en) * 2020-12-18 2021-03-19 南方电网电力科技股份有限公司 Security protection method and device for cloud computing platform, electronic equipment and storage medium
CN116760819A (en) * 2023-07-14 2023-09-15 中电长城网际***应用广东有限公司 Computer file network transmission method, computer device and device medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN2485724Y (en) * 2001-03-16 2002-04-10 联想(北京)有限公司 Security device for network virus to gate level computer
CN1375775A (en) * 2001-03-16 2002-10-23 联想(北京)有限公司 Geteway level computer network virus preventing method and device
CN101068204A (en) * 2006-05-05 2007-11-07 美国博通公司 Intermediate network node of communication structure and its execution method
CN101141244A (en) * 2006-09-08 2008-03-12 飞塔信息科技(北京)有限公司 Network encrypted data virus detection and elimination system, proxy server and method
CN101414332A (en) * 2007-10-15 2009-04-22 鸿富锦精密工业(深圳)有限公司 Apparatus and method for preventing virus
CN101778059A (en) * 2010-02-09 2010-07-14 成都市华为赛门铁克科技有限公司 Mail processing method, gateway equipment and network system
CN102622537A (en) * 2011-01-31 2012-08-01 中兴通讯股份有限公司 Method and device for processing virus file

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN2485724Y (en) * 2001-03-16 2002-04-10 联想(北京)有限公司 Security device for network virus to gate level computer
CN1375775A (en) * 2001-03-16 2002-10-23 联想(北京)有限公司 Geteway level computer network virus preventing method and device
CN101068204A (en) * 2006-05-05 2007-11-07 美国博通公司 Intermediate network node of communication structure and its execution method
CN101141244A (en) * 2006-09-08 2008-03-12 飞塔信息科技(北京)有限公司 Network encrypted data virus detection and elimination system, proxy server and method
CN101414332A (en) * 2007-10-15 2009-04-22 鸿富锦精密工业(深圳)有限公司 Apparatus and method for preventing virus
CN101778059A (en) * 2010-02-09 2010-07-14 成都市华为赛门铁克科技有限公司 Mail processing method, gateway equipment and network system
CN102622537A (en) * 2011-01-31 2012-08-01 中兴通讯股份有限公司 Method and device for processing virus file

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
数字时代工作室: "《个人用网安全与黑客防范技术》", 31 August 2001 *

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109933981A (en) * 2017-12-18 2019-06-25 中标软件有限公司 Virus scan optimization method
CN111712820A (en) * 2017-12-21 2020-09-25 迈克菲有限责任公司 Method and apparatus for securing a mobile device
CN108156170A (en) * 2018-01-03 2018-06-12 郑州云海信息技术有限公司 Checking and killing method is isolated in a kind of Cloud Server virus
CN108650251A (en) * 2018-04-27 2018-10-12 北京奇安信科技有限公司 A kind of display processing method and device of network security comprehensive situation perception data
CN109063472A (en) * 2018-05-30 2018-12-21 太仓鸿策拓达科技咨询有限公司 Security of Network Database toxicological operation protective system
CN109194739A (en) * 2018-09-03 2019-01-11 中国平安人寿保险股份有限公司 A kind of file uploading method, storage medium and server
CN112347041A (en) * 2020-11-03 2021-02-09 紫光云引擎科技(苏州)有限公司 Industrial cloud application store system file uploading security scanning method and system
CN112506699A (en) * 2020-11-25 2021-03-16 江苏恒信和安电子科技有限公司 Data security backup method, equipment and system
CN112528285A (en) * 2020-12-18 2021-03-19 南方电网电力科技股份有限公司 Security protection method and device for cloud computing platform, electronic equipment and storage medium
CN116760819A (en) * 2023-07-14 2023-09-15 中电长城网际***应用广东有限公司 Computer file network transmission method, computer device and device medium
CN116760819B (en) * 2023-07-14 2024-01-30 中电长城网际***应用广东有限公司 Computer file network transmission method, computer device and device medium

Similar Documents

Publication Publication Date Title
CN107370747A (en) A kind of method and device for preventing malicious file from propagating
CN1332333C (en) E-mail management services
CN104813332B (en) The prestige that instant Email embeds URL determines
CN104917749B (en) account registration method and device
USRE45326E1 (en) Systems and methods for securing computers
CN104917586B (en) Transmit method of calibration, the apparatus and system of data
CN108280347A (en) A kind of method and device of virus scan
US9628513B2 (en) Electronic message manager system, method, and computer program product for scanning an electronic message for unwanted content and associated unwanted sites
EP2490370A2 (en) Method for providing an anti-malware service
JP2005518173A5 (en)
CN107748668A (en) A kind of method and device of application program updating
US20180219807A1 (en) Systems and methods for providing an automated technical support assistant
CN110912893B (en) Account number merging method
US20170026399A1 (en) Delaying Phishing Communication
CN107465666A (en) A kind of client ip acquisition methods and device
CN108446247A (en) A kind of method and terminal of data interaction
CN110071806A (en) The method and system of data processing based on interface check
CN107341028A (en) Update method and device, the storage medium and processor of patch
CN109918089A (en) A kind of software deployment method and system
CN110362621A (en) Entry and exit information docketing system
CN114968470A (en) Container detection method and device based on k8s cluster, electronic equipment and storage device
CN111741103A (en) Access control data synchronization method and system
CN109829303A (en) A kind of Intranet cloud checking and killing method, console and client based on system file
CN106059906A (en) Message processing system, message processing method and message processing apparatus
CN105933298A (en) Devices And Methods For Performing Tcp Handshakes

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171121

RJ01 Rejection of invention patent application after publication