CN109194739A - A kind of file uploading method, storage medium and server - Google Patents
A kind of file uploading method, storage medium and server Download PDFInfo
- Publication number
- CN109194739A CN109194739A CN201811017737.9A CN201811017737A CN109194739A CN 109194739 A CN109194739 A CN 109194739A CN 201811017737 A CN201811017737 A CN 201811017737A CN 109194739 A CN109194739 A CN 109194739A
- Authority
- CN
- China
- Prior art keywords
- file
- risk
- index
- risk index
- text
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 241000700605 Viruses Species 0.000 claims abstract description 38
- 238000001914 filtration Methods 0.000 claims abstract description 20
- 230000000717 retained effect Effects 0.000 claims abstract description 16
- 238000012544 monitoring process Methods 0.000 claims abstract description 11
- 238000004590 computer program Methods 0.000 claims description 18
- 238000012545 processing Methods 0.000 claims description 9
- 230000011218 segmentation Effects 0.000 claims description 7
- 230000006870 function Effects 0.000 description 10
- 238000012217 deletion Methods 0.000 description 6
- 230000037430 deletion Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 2
- 230000003612 virological effect Effects 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 230000010485 coping Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 230000007717 exclusion Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/20—Natural language analysis
- G06F40/279—Recognition of textual entities
- G06F40/289—Phrasal analysis, e.g. finite state techniques or chunking
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Audiology, Speech & Language Pathology (AREA)
- Artificial Intelligence (AREA)
- Virology (AREA)
- Computational Linguistics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
The present invention provides a kind of file uploading method, storage medium and servers, comprising: if monitoring file upload, obtains the characteristic information of the file;According to the characteristic information of the file, the risk index of the file is determined;The file is filtered according to the risk index of the file, retains the file that risk index is lower than default value-at-risk;Virus scan is carried out to the file retained after filtering;If the file uploads the file by the virus scan.A possibility that present invention carries out multiple risk supervision to the file of upload, effectively verifies the safety of file, and the file for reducing upload is risk file, to improve the safety of file upload.
Description
Technical field
The present invention relates to technical field of network security more particularly to a kind of file uploading methods, storage medium and server.
Background technique
As long as the development of network shares identical data resource in different places so that user is connected to network.
User can upload to network by the transmission of network implementations file, such as by the file being locally stored, and network can also be deposited
The file download of storage is to locally.
However, network security is increasingly taken seriously as the high speed of IT and internet industry emerges.Existing server
The file of upload is not verified effectively, criminal is easy to drill through security breaches upload illegal file, so as to cause to clothes
Business device even whole network is operated and is destroyed, and internet security is poor.
Summary of the invention
The embodiment of the invention provides a kind of file uploading method, storage medium and servers, to solve in the prior art,
Server does not verify the file of upload effectively, and criminal is easy to drill through security breaches upload illegal file, to lead
It causes that server even whole network is operated and destroyed, the poor problem of internet security.
The first aspect of the embodiment of the present invention provides a kind of file uploading method, comprising:
If monitoring file upload, the characteristic information of the file is obtained;
According to the characteristic information of the file, the risk index of the file is determined;
The file is filtered according to the risk index of the file, retains risk index and is lower than default value-at-risk
File;
Virus scan is carried out to the file retained after filtering;
If the file uploads the file by the virus scan.
The second aspect of the embodiment of the present invention provides a kind of server, including memory and processor, the storage
Device is stored with the computer program that can be run on the processor, and the processor is realized such as when executing the computer program
Lower step:
If monitoring file upload, the characteristic information of the file is obtained;
According to the characteristic information of the file, the risk index of the file is determined;
The file is filtered according to the risk index of the file, retains risk index and is lower than default value-at-risk
File;
Virus scan is carried out to the file retained after filtering;
If the file uploads the file by the virus scan.
The third aspect of the embodiment of the present invention provides a kind of computer readable storage medium, the computer-readable storage
Media storage has computer program, and the computer program realizes following steps when being executed by processor:
If monitoring file upload, the characteristic information of the file is obtained;
According to the characteristic information of the file, the risk index of the file is determined;
The file is filtered according to the risk index of the file, retains risk index and is lower than default value-at-risk
File;
Virus scan is carried out to the file retained after filtering;
If the file uploads the file by the virus scan.
In the embodiment of the present invention, if monitoring file upload, the characteristic information of the file is obtained, according to the file
The characteristic information determines the risk index of the file, to be carried out according to the risk index of the file to the file
Filtering retains the file that risk index is lower than default value-at-risk, realizes the first time risk supervision to file to be uploaded, then right
The file retained after filtering carries out virus scan, realizes and carries out second of risk supervision to file to be uploaded, if the file
By the virus scan, then the file is uploaded, this programme has effect by carrying out multiple risk supervision to the file of upload
A possibility that safety for demonstrate,proving file, the file for reducing upload is risk file, so that the safety of file upload is improved, to protect
Hinder the server even safety of network.
Detailed description of the invention
It to describe the technical solutions in the embodiments of the present invention more clearly, below will be to embodiment or description of the prior art
Needed in attached drawing be briefly described, it should be apparent that, the accompanying drawings in the following description is only of the invention some
Embodiment for those of ordinary skill in the art without any creative labor, can also be according to these
Attached drawing obtains other attached drawings.
Fig. 1 is the implementation flow chart of file uploading method provided in an embodiment of the present invention;
Fig. 2 is the specific implementation flow chart of file uploading method S101 provided in an embodiment of the present invention;
Fig. 3 is the specific implementation flow chart of file uploading method S102 provided in an embodiment of the present invention;
Fig. 4 be another embodiment of the present invention provides file uploading method implementation flow chart;
Fig. 5 is the implementation flow chart for the file uploading method that yet another embodiment of the invention provides;
Fig. 6 is the structural block diagram that file provided in an embodiment of the present invention uploads device;
Fig. 7 be another embodiment of the present invention provides file upload device structural block diagram;
Fig. 8 is the schematic diagram of server provided in an embodiment of the present invention.
Specific embodiment
In order to make the invention's purpose, features and advantages of the invention more obvious and easy to understand, below in conjunction with the present invention
Attached drawing in embodiment, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that disclosed below
Embodiment be only a part of the embodiment of the present invention, and not all embodiment.Based on the embodiments of the present invention, this field
Those of ordinary skill's all other embodiment obtained without making creative work, belongs to protection of the present invention
Range.
Fig. 1 shows the implementation process of file uploading method provided in an embodiment of the present invention, and this method process includes step
S101 to S105.The specific implementation principle of each step is as follows:
S101: if monitoring file upload, the characteristic information of the file is obtained.
In embodiments of the present invention, file refers to including with the knot of text, symbol, picture or text, symbol and picture
Close the combination of described content.The characteristic information of file includes filename and file type, further includes document source, and file comes
Source includes the platform identification of user identifier and upper transmitting file, and user identifier refers to the identification information of the user of transmitting file, is used for
Identity user has uniqueness, such as the account of login, and platform identification can be the webpage number of transmitting file, for identifying
The platform that file uploads.
In embodiments of the present invention, when the upper transmitting file of user, need to input pre-registered account number cipher logs in can be into
Row uploads, and when server detects user's above transmitting file, will currently log in the account of the platform as the file of the upload
User identifier, obtain current upload interface webpage number as the upload file platform identification.It optionally, will be upper
The api interface number of server calls is determined as the platform identification when transmitting file.
Optionally, the characteristic information of the file further includes word frequency.Wherein, word frequency is for indicating some specified word
Total word number of the frequency occurred in this document, the number occurred in this document according to some specified word and this document
The ratio between obtain.
As an embodiment of the present invention, as shown in Fig. 2, the characteristic information includes word frequency, above-mentioned S101 is specifically wrapped
It includes:
A1: scanning the file, obtains the content of text of the file.The content of text includes statement text.
A2: word segmentation processing is carried out to the content of text, obtains each participle for constituting the content of text.That is, to text
Statement text in part content carries out word segmentation processing.Word segmentation processing, which refers to, is cut into a statement text one by one individually
Word namely each participle can carry out cutting to statement text according to universaling dictionary, guarantee to separate in the present embodiment
Word be all normal vocabulary, separate individual character if word is not in dictionary.When front-rear direction can be at word in same sentence
When, such as " I can do " can divide according to the size of statistics word frequency, separate such as " my meeting " word frequency height if " my meeting/do ", such as " meeting
Doing " word frequency height then separates " I/can do ".
A3: each participle is compared with predetermined keyword, determining in the content of text whether there is and default pass
The identical participle of keyword.Wherein, predetermined keyword refers to the keyword in the keywords database originally established, the keywords database root
It is regularly updated according to the file of upload and the testing result of risk supervision.Participle identical with predetermined keyword is the file
In keyword.It should be noted that it is described it is identical as predetermined keyword include that words is identical and semanteme is identical, i.e., to each
The result of semantics recognition is compared with the semanteme of predetermined keyword after carrying out semantics recognition for participle, if semantic identical, institute
It is identical as the predetermined keyword to state participle.
A4: it if there is participle identical with the predetermined keyword in the content of text, calculates and the default pass
The word frequency of the identical participle of keyword.For example, calculating " deletion " word described if participle is identical as predetermined keyword " deletion "
The ratio of sum, the word frequency which as " deletes " are segmented in the number and the content of text occurred in content of text.
In the present embodiment, by scanning the content of text of file acquisition file, and content of text is segmented, according to each
A participle is compared with predetermined keyword to be determined and whether there is participle identical with predetermined keyword in the content of text, will with it is pre-
If identical segment of keyword is determined as the keyword of the file, then in calculation document keyword word frequency, so as to according to text
The word frequency of keyword determines the risk index of file in part.
S102: according to the characteristic information of the file, the risk index of the file is determined.
In embodiments of the present invention, it can be looked into from preset risk index table according to the characteristic information of the file
Look for corresponding risk index.The one-to-one correspondence of documentary characteristic information and risk index is deposited in the preset risk index table
Relationship.
As an embodiment of the present invention, Fig. 3 shows file uploading method step provided in an embodiment of the present invention
A kind of specific implementation flow of S102, details are as follows:
B1: the corresponding risk factor of the predetermined keyword is searched in predetermined keyword risk table.Specifically, the wind
Dangerous coefficient is the coefficient previously according to fixed risk file to the statistical analysis setting of keyword in preset keywords database.
B2: according to the risk factor and the word frequency, the risk index of the file is determined.Specifically, according to as follows
Formula determines the risk index of the file:
Wherein, fiFor in file it is identical with predetermined keyword participle i word frequency,niIndicate keyword i in institute
The number occurred in file is stated, M indicates total participle number of the file;λiIndicate predetermined keyword corresponding with participle i pre-
If corresponding risk factor in keyword risk table, N are positive integer, indicate in the file exist respectively with predetermined keyword phase
Keyword sum in same participle sum namely the file.
Func be any one realization from [0 ,+∞) to [0,1) monotonically increasing function of mapping, such as it is desirable following any
One function:Or
Specifically, in embodiments of the present invention, risk index is not less than to the file filter of default value-at-risk, forbid on
It passes.The file that risk index is lower than default value-at-risk retains.
Illustratively, if participle is identical as predetermined keyword " deletion ", " deletion " word is calculated in the content of text
The ratio of sum is segmented in the number of appearance and the content of text, and search from preset risk index table " deletion " this
The corresponding risk factor of keyword.According to the word frequency and above-mentioned formula (1) of the risk factor, " deletion " hereof, meter
Calculate the risk index of the file.If the risk index of the file is at or above preset risk index, forbid institute
State the upload of file.
As an embodiment of the present invention, the another kind of file uploading method step S102 provided in an embodiment of the present invention
Specific implementation flow, details are as follows:
C1: the corresponding type risk index of file type of the file is searched from preset type risk index table
Index_Type。
C2: the corresponding consumer's risk index of user identifier of the file is searched from preset consumer's risk index table
Index_UserUP。
C3: the corresponding platform risk index of platform identification of the file is searched from preset platform risk index table
Index_Platform。
C4: the risk index RskDeg of the file (2) determination according to the following formula:
RiskDeg=Func (α * Index_Type+ β * Index_UserUP+ δ * Index_Platform) (2);
Wherein, α is the corresponding default weight of file type of the file, and β is that the user identifier of the file is corresponding
Default weight, δ are the corresponding default weight of platform identification of the file, Func be any one realization from [0 ,+∞) to [0,
1) monotonically increasing function mapped.
S103: being filtered the file according to the risk index of the file, retains risk index and is lower than default wind
The file being nearly worth.
Specifically, if the risk index of the file is at or above default value-at-risk, the file is determined as wind
Dangerous file forbids the upload of the file.The file for being lower than default value-at-risk for risk index is retained, with further into
Row risk supervision.
S104: virus scan is carried out to the file retained after filtering.
In embodiments of the present invention, the purpose of virus scan is to look for whether carrying virus in the file.Specifically,
Default virus sample library carries out virus scan to the file retained after the filtering according to the viral sample in viral sample library.
S105: if the file uploads the file by the virus scan.
In the present embodiment, determine whether to upload the file according to the result of the virus scan, virus scan refers to pair
Scan whether the file carries virus.Specifically, virus scan is carried out to the file retained after filtering, if through virus scan institute
It states file and does not carry virus, the file determines safety, and virus scan passes through, and uploads the file to server, and prompt to use
Family uploads successfully.If virus scan finds that the file carries virus, the file is determined as risk file, and virus scan is obstructed
It crosses, forbids uploading the file, prompt user to upload failure, send a warning message.
In the embodiment of the present invention, if monitoring file upload, the characteristic information of the file is obtained, according to the file
The characteristic information determines the risk index of the file, to be carried out according to the risk index of the file to the file
Filtering retains the file that risk index is lower than default value-at-risk, realizes the first time risk supervision to file to be uploaded, then right
The file retained after filtering carries out virus scan, realizes and carries out second of risk supervision to file to be uploaded, if the file
By the virus scan, then the file is uploaded, this programme has effect by carrying out multiple risk supervision to the file of upload
A possibility that safety for demonstrate,proving file, the file for reducing upload is risk file, so that the safety of file upload is improved, to protect
Hinder the server even safety of network.
Optionally, based on file uploading method provided in above-mentioned Fig. 1 embodiment, in embodiments of the present invention, in Fig. 1
After shown step S103, as shown in figure 4, the file uploading method further include:
D1: the suffix name of the file is obtained.
D2: judge the suffix name whether in default suffix name set.It stores and determines in the default suffix name set
For the suffix name of secure file.
D3: if the suffix name is not in the default suffix name set, it is determined that the corresponding file of the suffix name is
Risk file filters the risk file.
In the present embodiment, risk index is being determined according to the characteristic information of file, according to risk index to the file of upload
The file retained after being filtered carries out risk detection again, by determine file suffix name whether with after secure file
Sew name it is identical come determine the file whether safety, if not identical, determine the file for risk file, to the file of upload
Multiple risks detection is carried out to improve the safety of upper transmitting file.
Optionally, based on file uploading method provided in above-mentioned Fig. 1 embodiment, in embodiments of the present invention, in Fig. 1
After shown step S103, as shown in figure 5, the file uploading method further include:
E1: the file header of the suffix name and the file that obtain the file identifies.
E2: the file header of the suffix name and the file that judge the file identifies whether unanimously.
E3: if the file header and file header mark are inconsistent, it is determined that the file is risk file, filters institute
State risk file.
Further, if the file header and file header mark are consistent, it is determined that the file is legal.
In embodiments of the present invention, the suffix name of the file of different type (format) is not identical, and illegal user may pass through
Continue to upload after the suffix name to tamper with a document, therefore, be verified by the file header mark to file to determine the file
Whether it is tampered.For example, the following are the corresponding relationships of some suffix names and file header:
1.JPEG
File header identifies (2bytes): ff, d8 (SOI) (jpeg file mark)
The end of file identifies (2bytes): $ ff, $ d9 (EOI)
2.TGA
Unpressed preceding 5 byte 00 00 02 00 00
Preceding 5 byte 00 00 10 00 00 of-RLE compression
3.PNG
File header identifies 47 0D 0A 1A 0A of (8bytes) 89 50 4E
4.GIF
File header identifies (6bytes) 47 49 46 38 39 (37) 61
5.BMP
File header identifies (2bytes) 42 4D
6.PCX
File header identifies (1bytes) 0A
7.GIFF
File header identifies (2bytes) 4D 4D or 49 49
8.ICO
File header identifies (8bytes) 00 00 01 00 01 00 20 20
9.CUR
File header identifies (8bytes) 00 00 02 00 01 00 20 20
10.IFF
File header identifies 52 4D of (4bytes) 46 4F
11.ANI
File header identifies (4bytes) 52 49 46 46.
Specifically, hereof, the suffix name of file and the file header of file be it is one-to-one, different file types
The file header mark of file is not identical, verifies to the file header mark of the file of upload, if the file header mark of file with
The suffix name of the file is inconsistent, then the suffix name of the file is tampered, and determines that the file for risk file, filters institute
Risk file is stated, forbids uploading.
In embodiments of the present invention, the file header of the file retained after filtering mark is verified to determine that this document is
No to be tampered, the documentation risk being tampered is larger, to be filtered again to file, as far as possible on exclusion risk file
It passes, to improve the safety of file upload.
It should be understood that the size of the serial number of each step is not meant that the order of the execution order in above-described embodiment, each process
Execution sequence should be determined by its function and internal logic, the implementation process without coping with the embodiment of the present invention constitutes any limit
It is fixed.
Corresponding to file uploading method described in foregoing embodiments, Fig. 6 is shown on file provided by the embodiments of the present application
The structural block diagram for passing device illustrates only part relevant to the embodiment of the present application for ease of description.
Referring to Fig. 6, it includes: characteristic acquisition unit 61, risk index determination unit 62, file that this document, which uploads device,
Filter element 63, virus scan unit 64, file uploading unit 65, in which:
Characteristic acquisition unit 61 obtains the characteristic information of the file if uploading for monitoring file;
Risk index determination unit 62 determines the risk of the file for the characteristic information according to the file
Index;
First file filtering unit 63 retains for being filtered according to the risk index of the file to the file
Risk index is lower than the file of default value-at-risk;
Virus scan unit 64, for carrying out virus scan to the file retained after filtering;
File uploading unit 65, if uploading the file by the virus scan for the file.
Optionally, the characteristic information includes word frequency, and the characteristic acquisition unit 61 includes:
Textual scan module obtains the content of text of the file for scanning the file;
Word segmentation module obtains each point for constituting the content of text for carrying out word segmentation processing to the content of text
Word;
Keyword comparison module determines in the content of text for comparing each participle with predetermined keyword
With the presence or absence of participle identical with predetermined keyword;
Word frequency computing module, if being counted for there is participle identical with the predetermined keyword in the content of text
Calculate the word frequency of participle identical with the predetermined keyword.
Optionally, the risk index determination unit 62 includes:
Coefficient searching module, for searching the corresponding risk system of the predetermined keyword in predetermined keyword risk table
Number;
Risk index determining module, for determining that the risk of the file refers to according to the risk factor and the word frequency
Number.Specifically, determining the risk index of the file according to the following formula:
Wherein, fiFor in file it is identical with predetermined keyword participle i word frequency,niIndicate keyword i in institute
The number occurred in file is stated, M indicates total participle number of the file;λiIndicate predetermined keyword corresponding with participle i pre-
If corresponding risk factor in keyword risk table, N are positive integer, indicate in the file exist respectively with predetermined keyword phase
Keyword sum in same participle sum namely the file.Func be any one realization from [0 ,+∞) to [0,1) map
Monotonically increasing function, such as any one desirable following function: Or
Optionally, the characteristic information includes file type, user identifier and platform identification, and the risk index determines single
First 62 include:
The corresponding type risk index of file type of the file is searched from preset type risk index table
Index_Type;
The corresponding consumer's risk index of user identifier of the file is searched from preset consumer's risk index table
Index_UserUP;
The corresponding platform risk index of platform identification of the file is searched from preset platform risk index table
Index_Platform;
The risk index RskDeg of the file is determined according to the following formula:
RiskDeg=Func (α * Index_Type+ β * Index_UserUP+ δ * Index_Platform);
Wherein, α is the corresponding default weight of file type of the file, and β is that the user identifier of the file is corresponding
Default weight, δ are the corresponding default weight of platform identification of the file, Func be any one realization from [0 ,+∞) to [0,
1) monotonically increasing function mapped.
Optionally, as shown in fig. 7, the file uploads device further include:
Mark acquiring unit 71, for obtaining the suffix name of the file and the file header mark of the file;
Verification unit 72 is identified, the suffix name and the file header of the file for judging the file identify whether one
It causes;
Second file filtering unit 73, if inconsistent for the file header and file header mark, it is determined that described
File is risk file, filters the risk file.
Optionally, the file uploads device further include:
Suffix name acquiring unit, for obtaining the suffix name of the file;
Suffix name judging unit, for judging the suffix name whether in default suffix name set;
Third file filtering unit, if for the suffix name not in the default suffix name set, it is determined that described
The corresponding file of suffix name is risk file, filters the risk file.
In the embodiment of the present invention, if monitoring file upload, the characteristic information of the file is obtained, according to the file
The characteristic information determines the risk index of the file, to be carried out according to the risk index of the file to the file
Filtering retains the file that risk index is lower than default value-at-risk, realizes the first time risk supervision to file to be uploaded, then right
The file retained after filtering carries out virus scan, realizes and carries out second of risk supervision to file to be uploaded, if the file
By the virus scan, then the file is uploaded, this programme has effect by carrying out multiple risk supervision to the file of upload
A possibility that safety for demonstrate,proving file, the file for reducing upload is risk file, so that the safety of file upload is improved, to protect
Hinder the server even safety of network.
Fig. 8 is the schematic diagram for the server that one embodiment of the invention provides.As shown in figure 8, the server 8 of the embodiment wraps
It includes: processor 80, memory 81 and being stored in the computer that can be run in the memory 81 and on the processor 80
Program 82, such as file upload program.The processor 80 is realized when executing the computer program 82 on above-mentioned each file
Step in transmission method embodiment, such as step 101 shown in FIG. 1 is to 105.Alternatively, the processor 80 executes the calculating
The function of each module/unit in above-mentioned each Installation practice, such as the function of module 61 to 65 shown in Fig. 6 are realized when machine program 82
Energy.
Illustratively, the computer program 82 can be divided into one or more module/units, it is one or
Multiple module/units are stored in the memory 81, and are executed by the processor 80, to complete the present invention.Described one
A or multiple module/units can be the series of computation machine program instruction section that can complete specific function, which is used for
Implementation procedure of the computer program 82 in the server 8 is described.
The server 8 can be desktop PC, notebook, palm PC and cloud server etc. and calculate equipment.
The server may include, but be not limited only to, processor 80, memory 81.It will be understood by those skilled in the art that Fig. 8 is only
It is the example of server 8, does not constitute the restriction to server 8, may include than illustrating more or fewer components or group
Close certain components or different components, for example, the server can also include input-output equipment, network access equipment,
Bus etc..
The processor 80 can be central processing unit (Central Processing Unit, CPU), can also be
Other general processors, digital signal processor (Digital Signal Processor, DSP), specific integrated circuit
(Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
Discrete hardware components etc..General processor can be microprocessor or the processor is also possible to any conventional processor
Deng.
The memory 81 can be the internal storage unit of the server 8, such as the hard disk or memory of server 8.
The memory 81 is also possible to the External memory equipment of the server 8, such as the plug-in type being equipped on the server 8 is hard
Disk, intelligent memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card, flash card
(Flash Card) etc..Further, the memory 81 can also both include the internal storage unit of the server 8 or wrap
Include External memory equipment.The memory 81 is for other programs needed for storing the computer program and the server
And data.The memory 81 can be also used for temporarily storing the data that has exported or will export.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated module/unit be realized in the form of SFU software functional unit and as independent product sale or
In use, can store in a computer readable storage medium.Based on this understanding, the present invention realizes above-mentioned implementation
All or part of the process in example method, can also instruct relevant hardware to complete, the meter by computer program
Calculation machine program can be stored in a computer readable storage medium, the computer program when being executed by processor, it can be achieved that on
The step of stating each embodiment of the method.Wherein, the computer program includes computer program code, the computer program generation
Code can be source code form, object identification code form, executable file or certain intermediate forms etc..The computer-readable medium
It may include: any entity or device, recording medium, USB flash disk, mobile hard disk, magnetic that can carry the computer program code
Dish, CD, computer storage, read-only memory (ROM, Read-Only Memory), random access memory (RAM,
Random Access Memory), electric carrier signal, telecommunication signal and software distribution medium etc..It should be noted that described
The content that computer-readable medium includes can carry out increasing appropriate according to the requirement made laws in jurisdiction with patent practice
Subtract, such as does not include electric carrier signal and electricity according to legislation and patent practice, computer-readable medium in certain jurisdictions
Believe signal.
Embodiment described above is merely illustrative of the technical solution of the present invention, rather than its limitations;Although referring to aforementioned reality
Applying example, invention is explained in detail, those skilled in the art should understand that: it still can be to aforementioned each
Technical solution documented by embodiment is modified or equivalent replacement of some of the technical features;And these are modified
Or replacement, the spirit and scope for technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution should all
It is included within protection scope of the present invention.
Claims (10)
1. a kind of file uploading method characterized by comprising
If monitoring file upload, the characteristic information of the file is obtained;
According to the characteristic information of the file, the risk index of the file is determined;
The file is filtered according to the risk index of the file, retains the text that risk index is lower than default value-at-risk
Part;
Virus scan is carried out to the file retained after filtering;
If the file uploads the file by the virus scan.
2. file uploading method according to claim 1, which is characterized in that the characteristic information includes word frequency, described to obtain
Take the characteristic information of the file, comprising:
The file is scanned, the content of text of the file is obtained;
Word segmentation processing is carried out to the content of text, obtains each participle for constituting the content of text;
Each participle is compared with predetermined keyword, is determined in the content of text with the presence or absence of identical as predetermined keyword
Participle;
If there is participle identical with the predetermined keyword in the content of text, calculate identical as the predetermined keyword
Participle word frequency.
3. file uploading method according to claim 2, which is characterized in that described to be believed according to the feature of the file
Breath, determines the risk index of the file, comprising:
The corresponding risk factor of the predetermined keyword is searched in predetermined keyword risk table;
According to the risk factor and the word frequency, the risk index of the file is determined.
4. file uploading method according to claim 1, which is characterized in that the characteristic information includes file type, uses
Family mark and platform identification, the characteristic information according to the file determine the risk index of the file, comprising:
The corresponding type risk index Index_ of file type of the file is searched from preset type risk index table
Type;
The corresponding consumer's risk index Index_ of user identifier of the file is searched from preset consumer's risk index table
UserUP;
The corresponding platform risk index Index_ of platform identification of the file is searched from preset platform risk index table
Platform;
The risk index RskDeg of the file is determined according to the following formula:
RiskDeg=Func (α * Index_Type+ β * Index_UserUP+ δ * Index_Platform);
Wherein, α is the corresponding default weight of file type of the file, and β is that the user identifier of the file is corresponding default
Weight, δ are the corresponding default weight of platform identification of the file.
5. file uploading method according to any one of claims 1 to 4, which is characterized in that described according to the file
Risk index the file is filtered, retain risk index and be lower than after the file of default value-at-risk, further includes:
Obtain the suffix name of the file;
Judge the suffix name whether in default suffix name set;
If the suffix name is not in the default suffix name set, it is determined that the corresponding file of the suffix name is risk text
Part filters the risk file.
6. file uploading method according to any one of claims 1 to 4, which is characterized in that described according to the file
Risk index the file is filtered, retain risk index and be lower than after the file of default value-at-risk, further includes:
The file header of the suffix name and the file that obtain the file identifies;
The file header of the suffix name and the file that judge the file identifies whether unanimously;
If the file header identifies inconsistent with the file header, it is determined that the file is risk file, filters the risk
File.
7. a kind of computer readable storage medium, the computer-readable recording medium storage has computer program, and feature exists
In the step of realization file uploading method as described in any one of claims 1 to 6 when the computer program is executed by processor
Suddenly.
8. a kind of server, including memory, processor and storage can transport in the memory and on the processor
Capable computer program, which is characterized in that the processor realizes following steps when executing the computer program:
If monitoring file upload, the characteristic information of the file is obtained;
According to the characteristic information of the file, the risk index of the file is determined;
The file is filtered according to the risk index of the file, retains the text that risk index is lower than default value-at-risk
Part;
Virus scan is carried out to the file retained after filtering;
If the file uploads the file by the virus scan.
9. server according to claim 8, which is characterized in that the characteristic information includes word frequency, described in the acquisition
The characteristic information of file, comprising:
The file is scanned, the content of text of the file is obtained;
Word segmentation processing is carried out to the content of text, obtains each participle for constituting the content of text;
Each participle is compared with predetermined keyword, is determined in the content of text with the presence or absence of identical as predetermined keyword
Participle;
If there is participle identical with the predetermined keyword in the content of text, calculate identical as the predetermined keyword
Participle word frequency.
10. according to the described in any item servers of claim 8 to 9, which is characterized in that the processor executes the computer
Following steps are also realized when program:
The file header of the suffix name and the file that obtain the file identifies;
The file header of the suffix name and the file that judge the file identifies whether unanimously;
If the file header identifies inconsistent with the file header, it is determined that the file is risk file, filters the risk
File.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811017737.9A CN109194739B (en) | 2018-09-03 | 2018-09-03 | File uploading method, storage medium and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811017737.9A CN109194739B (en) | 2018-09-03 | 2018-09-03 | File uploading method, storage medium and server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109194739A true CN109194739A (en) | 2019-01-11 |
| CN109194739B CN109194739B (en) | 2023-06-13 |
Family
ID=64917852
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811017737.9A Active CN109194739B (en) | 2018-09-03 | 2018-09-03 | File uploading method, storage medium and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109194739B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110929110A (en) * | 2019-11-13 | 2020-03-27 | 北京北信源软件股份有限公司 | Electronic document detection method, device, equipment and storage medium |
| CN111008401A (en) * | 2019-12-10 | 2020-04-14 | 中国银行股份有限公司 | Text saving method and device |
| CN111026701A (en) * | 2019-11-04 | 2020-04-17 | 厦门天锐科技股份有限公司 | Method for intelligently selecting approval process based on file type |
| CN111597552A (en) * | 2020-04-15 | 2020-08-28 | 深圳市捷顺科技实业股份有限公司 | Code scanning method and terminal equipment |
| CN113190837A (en) * | 2021-03-29 | 2021-07-30 | 贵州电网有限责任公司 | Web attack behavior detection method and system based on file service system |
| CN116760819A (en) * | 2023-07-14 | 2023-09-15 | 中电长城网际系统应用广东有限公司 | Computer file network transmission method, computer device and device medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103761480A (en) * | 2014-01-13 | 2014-04-30 | 北京奇虎科技有限公司 | Method and device for detecting file security |
| US20150264060A1 (en) * | 2012-09-03 | 2015-09-17 | Linfeng Li | Method and apparatus for uploading files |
| US9330264B1 (en) * | 2014-11-26 | 2016-05-03 | Glasswall (Ip) Limited | Statistical analytic method for the determination of the risk posed by file based content |
| CN105577841A (en) * | 2013-07-12 | 2016-05-11 | 北京金山云网络技术有限公司 | Method, device, client, server and equipment for file synchronization |
| CN106227893A (en) * | 2016-08-24 | 2016-12-14 | 乐视控股(北京)有限公司 | A kind of file type acquisition methods and device |
| CN107370747A (en) * | 2017-08-14 | 2017-11-21 | 北京奇安信科技有限公司 | A kind of method and device for preventing malicious file from propagating |
| CN107707679A (en) * | 2017-11-27 | 2018-02-16 | 小草数语(北京)科技有限公司 | File uploading method and device |
-
2018
- 2018-09-03 CN CN201811017737.9A patent/CN109194739B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150264060A1 (en) * | 2012-09-03 | 2015-09-17 | Linfeng Li | Method and apparatus for uploading files |
| CN105577841A (en) * | 2013-07-12 | 2016-05-11 | 北京金山云网络技术有限公司 | Method, device, client, server and equipment for file synchronization |
| CN103761480A (en) * | 2014-01-13 | 2014-04-30 | 北京奇虎科技有限公司 | Method and device for detecting file security |
| US9330264B1 (en) * | 2014-11-26 | 2016-05-03 | Glasswall (Ip) Limited | Statistical analytic method for the determination of the risk posed by file based content |
| CN106227893A (en) * | 2016-08-24 | 2016-12-14 | 乐视控股(北京)有限公司 | A kind of file type acquisition methods and device |
| CN107370747A (en) * | 2017-08-14 | 2017-11-21 | 北京奇安信科技有限公司 | A kind of method and device for preventing malicious file from propagating |
| CN107707679A (en) * | 2017-11-27 | 2018-02-16 | 小草数语(北京)科技有限公司 | File uploading method and device |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111026701A (en) * | 2019-11-04 | 2020-04-17 | 厦门天锐科技股份有限公司 | Method for intelligently selecting approval process based on file type |
| CN110929110A (en) * | 2019-11-13 | 2020-03-27 | 北京北信源软件股份有限公司 | Electronic document detection method, device, equipment and storage medium |
| CN110929110B (en) * | 2019-11-13 | 2023-02-21 | 北京北信源软件股份有限公司 | Electronic document detection method, device, equipment and storage medium |
| CN111008401A (en) * | 2019-12-10 | 2020-04-14 | 中国银行股份有限公司 | Text saving method and device |
| CN111597552A (en) * | 2020-04-15 | 2020-08-28 | 深圳市捷顺科技实业股份有限公司 | Code scanning method and terminal equipment |
| CN111597552B (en) * | 2020-04-15 | 2023-11-10 | 深圳市捷顺科技实业股份有限公司 | Code scanning method and terminal equipment |
| CN113190837A (en) * | 2021-03-29 | 2021-07-30 | 贵州电网有限责任公司 | Web attack behavior detection method and system based on file service system |
| CN116760819A (en) * | 2023-07-14 | 2023-09-15 | 中电长城网际系统应用广东有限公司 | Computer file network transmission method, computer device and device medium |
| CN116760819B (en) * | 2023-07-14 | 2024-01-30 | 中电长城网际系统应用广东有限公司 | Computer file network transmission method, computer device and device medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109194739B (en) | 2023-06-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109194739A (en) | A kind of file uploading method, storage medium and server | |
| US20220197923A1 (en) | Apparatus and method for building big data on unstructured cyber threat information and method for analyzing unstructured cyber threat information | |
| CN102171702B (en) | The detection of confidential information | |
| CN103473506B (en) | For the method and apparatus identifying malice APK file | |
| CN107341401B (en) | A method and device for detecting malicious applications based on machine learning | |
| CN103678118B (en) | The compliance detection method of a kind of Java source code and device | |
| CN108985064B (en) | Method and device for identifying malicious document | |
| CN108763928A (en) | A kind of open source software leak analysis method, apparatus and storage medium | |
| CN111585955A (en) | A method and system for detecting abnormality of HTTP requests | |
| KR20180085756A (en) | Order Clustering and Malicious Information Fighting Methods and Devices | |
| CN109246064A (en) | Safe access control, the generation method of networkaccess rules, device and equipment | |
| CN111783132A (en) | Method, device, equipment and medium for SQL statement security detection based on machine learning | |
| CN113901484A (en) | A risk-based vulnerability management method and device | |
| WO2020082763A1 (en) | Decision trees-based method and apparatus for detecting phishing website, and computer device | |
| CN109359251A (en) | Audit method for early warning, device and the terminal device of application system service condition | |
| CN110972086A (en) | Short message processing method and device, electronic equipment and computer readable storage medium | |
| CN105468975A (en) | Method, device and system for tracking malicious code misinformation | |
| CN117421640B (en) | API asset identification method, device, equipment and storage medium | |
| CN114398887B (en) | Text classification method, device and electronic equipment | |
| CN116821903A (en) | Detection rule determination and malicious binary file detection method, device and medium | |
| CN116305104A (en) | Block chain-based data intrusion evidence obtaining method, device, equipment and medium | |
| CN114840872A (en) | Secret text desensitization method and device, computer equipment and readable storage medium | |
| CN113722641A (en) | AI-based injection request protection method, device, terminal equipment and medium | |
| CN113824565A (en) | Block chain sensitive information management method and related device | |
| CN118260589B (en) | Method, device, and electronic device for training large language model |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |