CN106203105B - File management method and device - Google Patents

File management method and device Download PDF

Info

Publication number
CN106203105B
CN106203105B CN201610483699.0A CN201610483699A CN106203105B CN 106203105 B CN106203105 B CN 106203105B CN 201610483699 A CN201610483699 A CN 201610483699A CN 106203105 B CN106203105 B CN 106203105B
Authority
CN
China
Prior art keywords
file
memory space
treated
apocrypha
malicious
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201610483699.0A
Other languages
Chinese (zh)
Other versions
CN106203105A (en
Inventor
苗汇泉
宁敢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201610483699.0A priority Critical patent/CN106203105B/en
Publication of CN106203105A publication Critical patent/CN106203105A/en
Application granted granted Critical
Publication of CN106203105B publication Critical patent/CN106203105B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/568Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

Whether, the invention discloses a kind of file management method and device, which includes: judgment module, is scanned for the memory space to mobile device, judge in the memory space comprising file to be treated;Configuration module, for creating file in the memory space, and the file to be treated is put into the file in the case where judgement is comprising file to be treated;Processing module, for being handled according to instruction the file stored in the file;Wherein, the judgment module is for judging whether the memory space includes apocrypha and/or malicious file;And in the case where judging that the memory space includes apocrypha and/or malicious file, by the memory space apocrypha and/or malicious file be determined as file to be treated.The file that can effectively restore or consult the storage of mobile device original using technical solution of the present invention avoids the problem that operation can not carry out.

Description

File management method and device
The application is the divisional application based on female case " file management method and device ", female case " file management method and dress Set " application No. is CN201210393609.0, Publication No. CN102915359A.
Technical field
The present invention relates to computer fields, and in particular to a kind of file management method and device.
Background technique
With the extensive utilization of computer technology every field in social life, rogue program (Malwar, Malicious software, refer to it is any it is intentional creation be used to execute without permission and the software program of usually harmful act) Also it is comed one after another as its accessory.The infectivity as possessed by these rogue programs, replicability and destructiveness, The significant problem used as puzzlement computer.
Therefore, today growing in Cyberthreat, updating virus signature, to become enterprise and netizen indispensable daily Work, from once a week, to once a day, until the moment updates, user is expected that by the matching of virus signature to avoid calculating Machine equipment is influenced by rogue program.And traditional antivirus software is that virus base is placed on to client computer, is carried out in client The analysis work of file can be compared in local virus library repeatedly during the scanning process, occupy a large amount of system resources, and With the continuous upgrading of virus base, the capacity of virus base is increasing, when Study document it is spent time it is also increasingly longer, lead The system resource of client computer is caused to occupy excessive, reduced performance, therefore, it is prominent that anti-virus industry has to look for new technology It is broken.
" cloud security (Cloud Security) " plan is the newest embodiment of cybertimes information security, it has been merged parallel The emerging technologies concepts such as processing, grid computing, unknown virus behavior judgement, by " theory of cloud computing has been applied to safe neck Domain.
Cloud killing, which refers to, is placed on server-side virus base, because the virus base of server-side updates faster, more in time, after networking The technology of killing can be rapidly performed by.It is common to do after being scanned using cloud killing technology to USB flash disk (mobile device) Method is that the danger (being judged as malicious file) or apocrypha that obtain after cloud killing scanning are stored in local computing and are set It is standby upper.
Since the danger or apocrypha that obtain after cloud killing to USB flash disk have been stored on local computing device, So when USB flash disk is moved in another calculating equipment from local computing device, if at this time will be in another calculating equipment The upper danger for restoring accidentally to delete or apocrypha, then be unable to handle.
Cause to be difficult to based on mobile device to text for segregate file is stored in calculating equipment side in the related technology Part carries out the problem of other subsequent processing, and currently no effective solution has been proposed.
Summary of the invention
In view of the above problems, it proposes on the present invention overcomes the above problem or at least be partially solved in order to provide one kind State the file management method and device of problem.
According to one aspect of the present invention, file management method is provided, this document management method includes:
The memory space of mobile device is scanned, whether is judged in memory space comprising file to be treated;
If creating file in memory space, and file to be treated is put comprising file to be treated Enter in file;
The file stored in file is handled according to instruction;
Wherein, judge in memory space whether to include that file to be treated includes:
Judge whether memory space includes apocrypha and/or malicious file;
If memory space includes apocrypha and/or malicious file, by the apocrypha and/or evil in memory space Meaning file is determined as file to be treated.
Optionally, after file to be treated is put into file, file management method further comprises:
Instruction from the user is received, is determined according to instruction to the file needed processing in file.
Optionally, in the case where the file from the user being designated as in recovery file, to the file in file Carrying out processing includes:
By the file access pattern in file to former storage location.
Optionally, in the case where the file from the user being designated as in Delete Folder, to the file in file Carrying out processing includes:
File in file is deleted.
According to another aspect of the present invention, a kind of document management apparatus is provided, this document managing device includes:
Whether judgment module is scanned for the memory space to mobile device, judge in memory space comprising needs The file of processing;
Configuration module, for creating file in memory space in the case where judgement is comprising file to be treated, And file to be treated is put into file;
Processing module, for being handled according to instruction the file stored in file;
Wherein, judgment module is for judging whether memory space includes apocrypha and/or malicious file;And judge to store In the case that space includes apocrypha and/or malicious file, by memory space apocrypha and/or malicious file determine For file to be treated.
Optionally, this document managing device further comprises:
Determining module, for after file to be treated is put into file, receiving instruction from the user, and It is determined according to instruction to the file needed processing in file.
Optionally, in the case where the file from the user being designated as in recovery file, processing module is used for will be literary Part folder in file access pattern to original storage location.
Optionally, in the case where the file from the user being designated as in Delete Folder, processing module is used for will be literary File in part folder is deleted.
File management method and device according to the present invention can be scanned by the memory space to mobile device, Judge in memory space to establish file in the memory space of the mobile device in the case where the file of processing in need, and File to be treated is put into this document folder and is handled, thus solves and is calculating the segregate file of equipment side storage And cause to be difficult to the problem of carrying out other subsequent processing to file based on mobile device, achieve the memory space in mobile device Middle storage file to be treated equally can effectively restore or consult shifting even if mobile device is connect with other computers The file of dynamic equipment original storage, avoids the problem that the beneficial effect that operation can not carry out.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention, And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can It is clearer and more comprehensible, the followings are specific embodiments of the present invention.
Detailed description of the invention
By reading the following detailed description of the preferred embodiment, various other advantages and benefits are common for this field Technical staff will become clear.The drawings are only for the purpose of illustrating a preferred embodiment, and is not considered as to the present invention Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows the flow chart of file management method according to an embodiment of the invention;
Fig. 2 shows the schematic diagrames of file management method implementing result according to an embodiment of the invention;And
Fig. 3 shows the block diagram of document management apparatus according to an embodiment of the present invention.
Specific embodiment
Exemplary embodiments of the present disclosure are described in more detail below with reference to accompanying drawings.Although showing the disclosure in attached drawing Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure It is fully disclosed to those skilled in the art.
According to an embodiment of the invention, providing a kind of file management method.
As shown in Figure 1, file management method includes:
Whether step S101 is scanned the memory space of mobile device, judge in memory space comprising needing to handle File;
Step S103 if creating file in memory space comprising file to be treated, and will need to handle File be put into file;
Step S105 is handled the file stored in file according to instruction.
Wherein, judge in memory space whether to include that file to be treated includes:
Judge whether memory space includes apocrypha and/or malicious file;
If memory space includes apocrypha and/or malicious file, by the apocrypha and/or evil in memory space Meaning file is determined as file to be treated.
Also, after file to be treated is put into file, file management method further comprises:
Instruction from the user is received, is determined according to instruction to the file needed processing in file.
In addition, it is from the user be designated as restore file in file in the case where, to the file in file into Row is handled
By the file access pattern in file to former storage location.
Moreover, in the case where the file from the user being designated as in Delete Folder, to the file in file into Row is handled
File in file is deleted.
For example, mobile device is connected in a calculating equipment, user's USB flash disk (mobile device) is scanned after server networking On file, find the corresponding file hierarchies of md5 of file;Wherein, server scan for inquiries background grade, backstage save There are the md5 and corresponding file hierarchies of different files.File hierarchies mainly according to the static nature in program file, such as pass through The md5 identifying code or SHA1 obtained by md5-challenge (Message-Digest Algorithm 5, abbreviation md5) operation Code or cyclic redundancy check (Cyclic Redundancy Check, abbreviation CRC) code etc. can unique identification original program feature Code, the static nature string being also possible in program file.
Firstly, in the server, if the corresponding file hierarchies yardage value of file be 10-20 be it is white (i.e. secure file, or Referred to as trusted file), it is unknown (i.e. apocrypha) that the corresponding file hierarchies yardage value of file, which is 30, (not white in white list List can be the list of trusted file), also not in blacklist (list that blacklist can be malicious file), file is corresponding File hierarchies yardage value be 50-70 be all black (i.e. malicious file).When USB flash disk connects cloud database, according to the md5 of file The yardage value can be inquired.
Then the danger (malice) found or apocrypha isolated area is put into (to create in the memory space of mobile device The file built) in.It should be noted that in some embodiments, apocrypha can not also be put into isolated area.
For u sweeping retouch backstage use grade, mainly according to the PE file for some file being collected into from the background etc. Grade, if not the grade of PE file >=30, then it is apocrypha;If PE file hierarchies >=50, it is dangerous (malice) file;If Grade=70 of PE file are then wooden horse files.
As shown in Fig. 2, for the scanning result to the file in mobile device.When being inserted into mobile device in a calculating equipment When, when cloud killing scans and confirms that file has abnormal, including file is apocrypha, dangerous file or wooden horse file.
For example, the file of the entitled auto.bat of file is apocrypha, the entitled setup- of file in Fig. 2 The file of guiying.exe and the entitled pucgc5951 hurricane .exe of file are wooden horse file.
User, which can choose, wouldn't handle, immediately treats or immediately treat and scan the instruction such as USB flash disk comprehensively.
After user selects " immediately treating " instruction, in the file of u disk creation " off-limit file ", by text to be treated Part is put into the file of " off-limit file " and is handled.
If the danger or apocrypha that are placed into isolated area reported by mistake or accidentally handle, and need to restore the danger or When apocrypha, its home position directly is restored to from the isolated area the danger or apocrypha.
According to an embodiment of the invention, providing a kind of document management apparatus.
As shown in figure 3, document management apparatus includes:
Whether judgment module 31 is scanned for the memory space to mobile device, judge in memory space comprising needing File to be processed;
Configuration module 32, for creating file in memory space in the case where judgement is comprising file to be treated Folder, and file to be treated is put into file;
Processing module 33, for being handled according to instruction the file stored in file.
Wherein, judgment module 31 is for judging whether memory space includes apocrypha and/or malicious file;And judge to deposit Store up in the case that space includes apocrypha and/or malicious file, by memory space apocrypha and/or malicious file it is true It is set to file to be treated.
Also, this document managing device further comprises:
Determining module (not shown), for after file to be treated is put into file, reception to be come from The instruction of user, and determined according to instruction to the file needed processing in file.
In addition, processing module 33 is used for will be literary in the case where the file from the user being designated as in recovery file Part folder in file access pattern to original storage location.
Moreover, processing module 33 is used for will be literary in the case where the file from the user being designated as in Delete Folder File in part folder is deleted.
By means of technical solution of the present invention, the mobile device of such as USB flash disk etc is connected to any one calculating equipment On, equipment can be calculated in this restore the danger (malice) previously accidentally deleted on the mobile device or apocrypha.
In conclusion be scanned by means of above-mentioned technical proposal of the invention by the memory space to mobile device, In judging memory space in the case where the file of processing in need, file is established in the memory space of the mobile device, And file to be treated is put into this document folder and is handled, it can be stored in the memory space of mobile device and need to locate The file of reason equally can effectively restore or consult the storage of mobile device original even if mobile device is connect with other computers File, avoid the problem that operation can not carry out.
Algorithm and display are not inherently related to any particular computer, virtual system, or other device provided herein. Various general-purpose systems can also be used together with teachings based herein.As described above, it constructs required by this kind of system Structure be obvious.In addition, the present invention is also not directed to any particular programming language.It should be understood that can use various Programming language realizes summary of the invention described herein, and the description done above to language-specific is to disclose this hair Bright preferred forms.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention Example can be practiced without these specific details.In some instances, well known method, structure is not been shown in detail And technology, so as not to obscure the understanding of this specification.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of the various inventive aspects, Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes In example, figure or descriptions thereof.However, the disclosed method should not be interpreted as reflecting the following intention: i.e. required to protect Shield the present invention claims features more more than feature expressly recited in each claim.More precisely, as following Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore, Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim itself All as a separate embodiment of the present invention.
Those skilled in the art will understand that can be carried out adaptively to the module in the equipment in embodiment Change and they are arranged in one or more devices different from this embodiment.It can be the module or list in embodiment Member or component are combined into a module or unit or component, and furthermore they can be divided into multiple submodule or subelement or Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it can use any Combination is to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so disclosed All process or units of what method or apparatus are combined.Unless expressly stated otherwise, this specification is (including adjoint power Benefit require, abstract and attached drawing) disclosed in each feature can carry out generation with an alternative feature that provides the same, equivalent, or similar purpose It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments In included certain features rather than other feature, but the combination of the feature of different embodiments mean it is of the invention Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed Meaning one of can in any combination mode come using.
Various component embodiments of the invention can be implemented in hardware, or to run on one or more processors Software module realize, or be implemented in a combination thereof.It will be understood by those of skill in the art that can be used in practice Microprocessor or digital signal processor (DSP) are realized in file management method and device according to an embodiment of the present invention The some or all functions of some or all components.The present invention is also implemented as executing method as described herein Some or all device or device programs (for example, computer program and computer program product).Such reality Existing program of the invention can store on a computer-readable medium, or may be in the form of one or more signals. Such signal can be downloaded from an internet website to obtain, and perhaps be provided on the carrier signal or in any other forms It provides.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and ability Field technique personnel can be designed alternative embodiment without departing from the scope of the appended claims.In the claims, Any reference symbol between parentheses should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not Element or step listed in the claims.Word "a" or "an" located in front of the element does not exclude the presence of multiple such Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real It is existing.In the unit claims listing several devices, several in these devices can be through the same hardware branch To embody.The use of word first, second, and third does not indicate any sequence.These words can be explained and be run after fame Claim.

Claims (8)

1. a kind of file management method, for being managed to the file on USB flash disk comprising:
Server carries out cloud killing scanning to the file in USB flash disk memory space, obtains the background grade of scanned document, together When in the server, the corresponding file hierarchies code of setting file, file hierarchies obtained and set file hierarchies code into Whether row comparison judges in the memory space comprising file to be treated;
If creating file in the memory space comprising file to be treated, and by the text to be treated Part is put into the file;
The file stored in the file is handled according to instruction;
Wherein, judge in the memory space whether to include that file to be treated includes:
Judge whether the memory space includes apocrypha and/or malicious file;
If the memory space include apocrypha and/or malicious file, by the memory space apocrypha and/ Or malicious file is determined as file to be treated.
2. file management method according to claim 1, which is characterized in that the file to be treated is being put into institute After stating in file, the file management method further comprises:
Instruction from the user is received, is determined according to the instruction to the file needed processing in the file.
3. file management method according to claim 2, which is characterized in that be designated as restoring the text from the user In the case where file in part folder, carrying out processing to the file in the file includes:
By the file access pattern in the file to former storage location.
4. file management method according to claim 2, which is characterized in that be designated as deleting the text from the user In the case where file in part folder, carrying out processing to the file in the file includes:
File in the file is deleted.
5. a kind of document management apparatus, for being managed to the file on USB flash disk comprising:
Judgment module, server carry out cloud killing scanning to the file in USB flash disk memory space, obtain the backstage text of scanned document Part grade, while in the server, the corresponding file hierarchies code of file, file hierarchies obtained and set file are set Whether grade code compares, judge in the memory space comprising file to be treated;
Configuration module, for creating file in the memory space in the case where judgement is comprising file to be treated, And the file to be treated is put into the file;
Processing module, for being handled according to instruction the file stored in the file;
Wherein, the judgment module is for judging whether the memory space includes apocrypha and/or malicious file;And judge In the case that the memory space includes apocrypha and/or malicious file, by the memory space apocrypha and/or Malicious file is determined as file to be treated.
6. document management apparatus according to claim 5, which is characterized in that further include:
Determining module, for receiving finger from the user after the file to be treated is put into the file Show, and is determined according to the instruction to the file needed processing in the file.
7. document management apparatus according to claim 6, which is characterized in that be designated as restoring the text from the user In the case where file in part folder, the processing module is used for the file access pattern in the file to former storage location.
8. document management apparatus according to claim 6, which is characterized in that be designated as deleting the text from the user In the case where file in part folder, the processing module is used to delete the file in the file.
CN201610483699.0A 2012-10-16 2012-10-16 File management method and device Expired - Fee Related CN106203105B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610483699.0A CN106203105B (en) 2012-10-16 2012-10-16 File management method and device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610483699.0A CN106203105B (en) 2012-10-16 2012-10-16 File management method and device
CN201210393609.0A CN102915359B (en) 2012-10-16 2012-10-16 File management method and device

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201210393609.0A Division CN102915359B (en) 2012-10-16 2012-10-16 File management method and device

Publications (2)

Publication Number Publication Date
CN106203105A CN106203105A (en) 2016-12-07
CN106203105B true CN106203105B (en) 2019-07-09

Family

ID=47613725

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201210393609.0A Active CN102915359B (en) 2012-10-16 2012-10-16 File management method and device
CN201610483699.0A Expired - Fee Related CN106203105B (en) 2012-10-16 2012-10-16 File management method and device

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201210393609.0A Active CN102915359B (en) 2012-10-16 2012-10-16 File management method and device

Country Status (1)

Country Link
CN (2) CN102915359B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102930209B (en) * 2012-10-16 2016-04-27 北京奇虎科技有限公司 The document handling method of movable storage device and document handling apparatus
CN104994060B (en) * 2015-05-15 2019-03-19 百度在线网络技术(北京)有限公司 It is a kind of to provide the method and apparatus of verifying for logging in for user
CN107577940A (en) * 2017-08-07 2018-01-12 北京金山安全管理系统技术有限公司 Virus scan method and apparatus
CN108875373B (en) * 2017-12-29 2021-04-20 北京安天网络安全技术有限公司 Mobile storage medium file control method, device and system and electronic equipment
CN109063472A (en) * 2018-05-30 2018-12-21 太仓鸿策拓达科技咨询有限公司 Security of Network Database toxicological operation protective system

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101079689A (en) * 2006-05-26 2007-11-28 上海晨兴电子科技有限公司 Method and device for virus scanning and processing of the data received by mobile phone

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101924761B (en) * 2010-08-18 2013-11-06 北京奇虎科技有限公司 Method for detecting malicious program according to white list
CN101930515B (en) * 2010-08-27 2012-11-21 奇智软件(北京)有限公司 System and method for safely decompressing compressed file
CN102411629A (en) * 2011-12-21 2012-04-11 Tcl集团股份有限公司 File scanning method and device based on android system
CN102592080B (en) * 2011-12-26 2015-11-11 北京奇虎科技有限公司 flash malicious file detection method and device

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101079689A (en) * 2006-05-26 2007-11-28 上海晨兴电子科技有限公司 Method and device for virus scanning and processing of the data received by mobile phone

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
智能手机反病毒引擎设计及其重要模块的实现;陈敏;《中国优秀硕士学位论文全文数据库》;20110415(第4期);第1-81页

Also Published As

Publication number Publication date
CN106203105A (en) 2016-12-07
CN102915359B (en) 2016-08-10
CN102915359A (en) 2013-02-06

Similar Documents

Publication Publication Date Title
US10972488B2 (en) Method and system for modeling all operations and executions of an attack and malicious process entry
Crussell et al. Andarwin: Scalable detection of android application clones based on semantics
Bayer et al. Scalable, behavior-based malware clustering.
Costin et al. A {Large-scale} analysis of the security of embedded firmwares
JP6644001B2 (en) Virus processing method, apparatus, system, device, and computer storage medium
US8725702B1 (en) Systems and methods for repairing system files
RU2454705C1 (en) System and method of protecting computing device from malicious objects using complex infection schemes
Crussell et al. Scalable semantics-based detection of similar android applications
CN101923617B (en) Cloud-based sample database dynamic maintaining method
JP5963008B2 (en) Computer system analysis method and apparatus
US8176556B1 (en) Methods and systems for tracing web-based attacks
CN106203105B (en) File management method and device
US10216934B2 (en) Inferential exploit attempt detection
EP2663944B1 (en) Malware detection
CN103281325A (en) Method and device for processing file based on cloud security
CN103473501A (en) Malware tracking method based on cloud safety
CN103279707A (en) Method, device and system for actively defending against malicious programs
US8448243B1 (en) Systems and methods for detecting unknown malware in an executable file
CN102902921B (en) The method and apparatus of a kind of detection and dump virus
US8572730B1 (en) Systems and methods for revoking digital signatures
CN104915594B (en) Application program operation method and device
US10089469B1 (en) Systems and methods for whitelisting file clusters in connection with trusted software packages
CN102930209B (en) The document handling method of movable storage device and document handling apparatus
CN103679024B (en) Virus treating method and device
CN102799812B (en) Method and device for processing application program

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220727

Address after: Room 801, 8th floor, No. 104, floors 1-19, building 2, yard 6, Jiuxianqiao Road, Chaoyang District, Beijing 100015

Patentee after: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.

Patentee before: Qizhi software (Beijing) Co.,Ltd.

TR01 Transfer of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190709

CF01 Termination of patent right due to non-payment of annual fee