CN113449300A - Method and device for automatically distributing and scanning viruses for distributed server - Google Patents
Method and device for automatically distributing and scanning viruses for distributed server Download PDFInfo
- Publication number
- CN113449300A CN113449300A CN202110599890.2A CN202110599890A CN113449300A CN 113449300 A CN113449300 A CN 113449300A CN 202110599890 A CN202110599890 A CN 202110599890A CN 113449300 A CN113449300 A CN 113449300A
- Authority
- CN
- China
- Prior art keywords
- scanning
- node
- file
- mirror image
- management node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 241000700605 Viruses Species 0.000 title claims abstract description 119
- 238000000034 method Methods 0.000 title claims abstract description 55
- 230000008569 process Effects 0.000 claims description 25
- 230000002155 anti-virotic effect Effects 0.000 claims description 21
- 238000012544 monitoring process Methods 0.000 claims description 9
- 230000005540 biological transmission Effects 0.000 claims description 6
- 238000007726 management method Methods 0.000 description 72
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000012550 audit Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000007482 viral spreading Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
本申请涉及一种分布式服务器自动分配并扫描病毒的方法及装置,其中方法包括:管理节点从扫描节点获取镜像扫描信息来构建扫描时间模型,所述管理节点从镜像服务器获取待扫描镜像文件的文件信息;所述管理节点根据所述文件信息创建病毒扫描任务;所述管理节点利用所述扫描时间模型计算每个扫描节点完成目标病毒扫描任务的时刻;所述管理节点给能最早完成的扫描节点分配目标病毒扫描任务;扫描节点根据目标病毒扫描任务从镜像服务器下载相应镜像文件并扫描,生成扫描日志上传镜像服务器;扫描节点生成镜像扫描信息并上传至管理节点。本申请由多个扫描节点为一个镜像服务器提供扫描服务,大大提高扫描效率,减少扫描延迟,解放镜像服务器性能。
The present application relates to a method and device for automatically distributing and scanning viruses by a distributed server, wherein the method includes: a management node obtains image scanning information from a scanning node to construct a scanning time model, and the management node obtains from the image server the information of the image file to be scanned. file information; the management node creates a virus scanning task according to the file information; the management node calculates the time when each scanning node completes the target virus scanning task by using the scanning time model; the management node gives the scan that can be completed the earliest The node assigns the target virus scanning task; the scanning node downloads the corresponding image file from the mirror server according to the target virus scanning task and scans it, generates a scan log and uploads it to the mirror server; the scanning node generates the mirror scanning information and uploads it to the management node. In this application, a plurality of scanning nodes provide scanning services for a mirror server, which greatly improves scanning efficiency, reduces scanning delay, and liberates the performance of the mirror server.
Description
Technical Field
The present application relates to the field of mirror image virus scanning, and in particular, to a method and an apparatus for automatically allocating and scanning viruses for a distributed server.
Background
For linux users, downloading image files through an image site is one of the important ways to obtain applications and files. Mirror sites often employ FTP servers as mirror servers to store management mirror files. For the mirror image server, the security threat faced by the mirror image server is mainly from viruses carried by the uploaded mirror image file. Once the image file carrying the virus is released through the image server, the image file is downloaded and installed by a user, so that a large-scale virus spreading event can be easily caused.
Therefore, security audit needs to be performed on the image file uploaded to the image server to ensure the security of the image file. In the prior art, one mode is to configure antivirus software on a mirror image server, and start the antivirus software to scan and kill viruses after uploading a mirror image, and the antivirus software is configured locally on the mirror image server, so that on one hand, the antivirus process occupies resources of the mirror image server, on the other hand, the antivirus software is limited by the performance of the mirror image server, and the efficiency of the antivirus software for scanning a mirror image file is limited. As the number of applications, systems, and the like maintained and managed by the image server increases, the uploading amount of the related image files also increases. The antivirus software of the mirror image server is used for scanning the mirror image files, so that a plurality of mirror image files can wait, and serious release delay is caused. And the other method is that the uploading person locally scans the mirror image file, and uploads the mirror image file to the mirror image server after ensuring the safety of the mirror image file. The method needs to maintain a special mirror image scanning team, manually allocates a mirror image scanning task, scans and uploads, and is low in efficiency.
Disclosure of Invention
In order to solve the above technical problem or at least partially solve the above technical problem, in a first aspect, the present application provides a method for automatically allocating and scanning viruses by a distributed server, including:
the management node acquires mirror image scanning information from the scanning node to construct a scanning time model,
the management node acquires file information of a mirror image file to be scanned from a mirror image server;
the management node creates a virus scanning task according to the file information;
the management node calculates the time when each scanning node completes the target virus scanning task by using the scanning time model;
the management node distributes a target virus scanning task to the scanning node which can be completed earliest;
the scanning node downloads and scans a corresponding image file from the image server according to the target virus scanning task, generates a scanning log and uploads the scanning log to the image server;
and the scanning node uploads the image scanning information of the scanned image file to the management node.
Further, the image scanning information includes an image file type, an image file capacity, and an actual scanning time for scanning the image file.
Further, the process of constructing the scan time model by the management node comprises the following steps:
the management node defines a scanning time variable aiming at the type of the mirror image file for each scanning node;
initializing scanning time variables, wherein the initial value of any scanning time variable is far less than the time of scanning the mirror image file viruses corresponding to unit capacity by a scanning node;
the management node acquires the mirror image scanning information;
the management node updates the corresponding scanning time variable according to the type of the image file:
the scan time variable is the total time of the scan image file/the total volume of the scan image file.
Further, the file information includes an image file name, an image file type, an image file capacity, and an image file path.
Furthermore, the management node creates a virus scanning task according to the file information;
constructing a data structure containing the file information and the connection parameters of the mirror image server;
the data structure is constructed into a virus scanning task queue through a linked list.
Furthermore, the management node sends the information containing the file information and the mirror image server connection parameters to the scanning node, the scanning node is connected with the mirror image server according to the mirror image server connection parameters, and the scanning node downloads the corresponding mirror image file from the mirror image server according to the mirror image file name and the mirror image file path in the file information.
Furthermore, the management node monitors the working state of the scanning node;
when distributing a virus scanning task, a management node firstly judges whether a scanning node in an idle state exists;
if the scanning nodes in the idle state exist, sequentially distributing virus scanning tasks to the scanning nodes in the idle state;
and if no scanning node in an idle state exists, calculating the time when each scanning node completes the target virus scanning task by using the scanning time model, and distributing the target virus scanning task to the scanning node which can be completed earliest.
In a second aspect, the present application provides a device for automatically distributing and scanning viruses for a distributed server, including a mirror image server, where the mirror image server is used to store an uploaded mirror image file;
the management node is connected with the mirror image server and acquires file information of a mirror image file to be scanned from the mirror image server; generating a virus scanning task according to the file information; the management node maintains a scanning time model of each scanning node, calculates the moment when the scanning node completes a virus scanning task by using the scanning time model, and further distributes the virus scanning task to the scanning node which can be completed earliest;
the scanning nodes are connected with the management node and the mirror image server, and are configured with scanning antivirus programs; the scanning node downloads the image file from the image server according to the virus scanning task, scans the downloaded image file by the virus killing program, generates a scanning log and uploads the scanning log to the image server; the scanning node sends mirror scanning information to the management node to update the scanning time model.
Furthermore, the mirror image server is provided with a mirror image file monitoring module, a file information retrieval module and a file information transmission module, wherein the mirror image file monitoring module is used for monitoring whether a mirror image file is uploaded to the mirror image server or not and collecting a mirror image name; the file information retrieval module retrieves file information of the mirror image file according to the mirror image name, and the file information transmission module is used for sending the file information to the management node.
Furthermore, the scanning node is provided with a timing module, and the timing module is used for timing the time for scanning the image file by the scanning antivirus program.
Compared with the prior art, the technical scheme provided by the embodiment of the application has the following advantages:
according to the method and the system, the management node acquires file information of the mirror image file to be scanned from the mirror image server, generates the virus scanning task according to the file information, calculates the moment when the scanning node connected with the management node completes the virus scanning task according to the content of the virus scanning task by using the scanning time model, and distributes the virus scanning task to the scanning node which completes the virus scanning task fastest. Scanning the mirror image file by the scanning node to generate a scanning log and mirror image scanning information; and uploading the scanning log to a mirror image server, and sending mirror image scanning information to a management node to update a scanning time model.
The virus scanning task can be automatically generated through the cooperation of the mirror image server and the management node, the management node and the scanning node are matched to maintain the scanning time model, the moment when the scanning node completes the virus scanning task is calculated through the scanning time model, and the virus scanning task is automatically distributed to the optimal scanning node. The method and the device can automatically and efficiently scan the mirror image file virus.
The mirror image server does not need to be configured with a scanning virus-checking program, and the performance of the mirror image server is liberated.
A plurality of scanning nodes provide scanning service for one image server, so that the scanning efficiency is greatly improved, the scanning delay is reduced, and the safe uploading of image files is completed more efficiently.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without inventive exercise.
Fig. 1 is a flowchart of a method for automatically distributing and scanning viruses by a distributed server according to an embodiment of the present application;
FIG. 2 is a flowchart of maintaining a scan time model according to mirror scan information according to an embodiment of the present application;
fig. 3 is a flowchart illustrating a mirror server sending file information to a management node according to an embodiment of the present application;
FIG. 4 is a flowchart of another method for automatically distributing and scanning viruses by distributed servers according to an embodiment of the present disclosure;
fig. 5 is an architecture diagram of an apparatus for automatically distributing and scanning viruses by a distributed server according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Example 1
The embodiment provides a method for automatically distributing and scanning viruses by a distributed server, which is shown in fig. 1 and includes:
s100, the management node acquires mirror image scanning information from the scanning node to construct a scanning time model. Referring to fig. 2, the management node acquires mirror scan information from the scan node to construct a scan time model.
S101, the management node defines a scanning time variable aiming at the type of the image file for each scanning node. Mirror (Mirroring) is a form of file storage, and the types of mirror files include ISO, BIN, IMG, TAO, DAO, CIF, FCD. One possible way of naming the scan time variable is as follows: scan node name _ file type name _ Time. The scan time variable is used to estimate the time required for different scan nodes to scan different types of image files per unit volume. For the scan node name of host2, the scan Time variable for the image file type of ISO is host2_ ISO _ Time, which represents the Time required for host2 to scan a unit volume of ISO image files.
S102, scanning time variables are initialized, and the initial value of any scanning time variable is far less than the time of scanning the mirror image file viruses corresponding to unit capacity by a scanning node; the initial value of the scanning time variable is small, the management node considers that the time required for processing the virus scanning task is short, the virus scanning task is distributed to the scanning nodes which do not execute the scanning, once the scanning nodes execute the virus scanning task, the updated scanning time variable is far larger than the initial value, and the management node distributes the virus scanning task to the nodes which do not execute the scanning.
S103, the management node acquires the mirror image scanning information. The mirror image scanning information comprises the type of the mirror image file, the capacity of the mirror image file and the actual scanning time of the scanned mirror image file. In a specific implementation process, when the scanning node scans the image file, the scanning process is timed. And after the scanning is finished, the scanning node sends the type of the image file, the capacity of the image file and the actual scanning time to the management node.
S104, the management node updates the corresponding scanning time variable according to the type of the image file:
the scan time variable is the total time of the scan image file/the total volume of the scan image file. In a specific implementation process, the total time for scanning the image file is the total time of the original scanning image file + the actual scanning time of the image scanning information, and the total capacity of the scanning image file is the total capacity of the original scanning image file + the image file capacity of the image scanning information. As the amount of image files scanned by the scanning node increases and the scanning time increases, the scanning time variable will be closer to the actual required time for the scanning node to scan a unit volume of corresponding image files.
The set of all scan time variables for any scan node forms a scan time variable model for that scan node.
S200, the management node acquires the file information of the mirror image file to be scanned from the mirror image server. In a specific implementation process, referring to fig. 3, the process of acquiring, by the management node, the file information of the image file to be scanned from the image server includes:
s201, the mirror image server locally runs a mirror image uploading monitoring program, the mirror image uploading monitoring program circularly reads the system log file of the mirror image server,
s202, matching the keywords related to image uploading in the system log file to judge whether a new image file is uploaded to the image server,
s203, if a new mirror image is uploaded to the mirror image server, file information of the mirror image file is collected, wherein the file information comprises a mirror image file name, a mirror image file type, a mirror image file capacity and a mirror image file path. The mirror image file path is a storage path of the mirror image file in the mirror image server.
S204, writing the collected file information into a set file;
s205, the mirror image server transmits the setting file to the management node.
S300, the management node creates a virus scanning task according to the file information. Constructing a data array type data structure containing the file information and the mirror image server connection parameters in a specific implementation process; the elements of the array type data structure are sequentially a mirror image file name, a mirror image file type, a mirror image file capacity, a mirror image file path, a user name connected with a mirror image server and a password connected with the mirror image server.
The data structure is constructed into a virus scanning task queue through a linked list. The data structure which firstly enters the virus scanning task queue is firstly indexed in a linked list mode, and then enters the data structure of the virus scanning task queue and is indexed.
S400, the management node calculates the time when each scanning node completes the target virus scanning task by using the scanning time model; in a specific implementation process, the type of the root image file of the management node selects a corresponding scanning time variable, the management node calculates the time for all the nodes to complete the target virus scanning task, and the time for completing the target virus scanning task is the scanning time variable of the scanning node and the capacity of the image file. And the management node counts the time when the scanning nodes are executing the task, and the time when each scanning node finishes the target virus scanning task is the time when the scanning node is executing the task plus the time when the target virus scanning task is finished.
S500, the management node distributes a target virus scanning task to the scanning node which can be completed earliest; in a specific implementation process, a management node compares the time when all scanning nodes complete a target virus scanning task, and the management node distributes the target virus scanning task to the scanning node with the minimum time when the target virus scanning task is completed; specifically, the management node sends the data structure to the scanning node.
S600, the scanning node downloads and scans a corresponding image file from the image server according to the target virus scanning task, generates a scanning log and uploads the scanning log to the image server; and the scanning node generates mirror image scanning information and uploads the mirror image scanning information to the management node.
In a specific implementation process, the scanning node analyzes the data structure content to obtain the name of the mirror image file, the type of the mirror image file, the capacity of the mirror image file, the path of the mirror image file, a user name connected with the mirror image server and a password connected with the mirror image server. The scanning node is connected to the mirror image server through a user name connected with the mirror image server and a password connected with the mirror image server, and if the scanning node is connected for the first time, the user name connected with the mirror image server and the password connected with the mirror image server are recorded to the local.
And the scanning node downloads the image file corresponding to the image file name from the image server according to the image file path and stores the downloaded image file to an appointed directory of the scanning node. The scanning node is configured with a scanning antivirus program starting script, the starting script monitors whether an image file is written in a designated directory, and if the image file is written in, the starting script starts the scanning antivirus program to scan the written image file.
The scanning antivirus program generates a corresponding scanning log in the scanning process. The scanning node names the scanning log as an image file name _ log, and the scanning node sends the scanning log to the position under the image file path. The examiner can determine the image file corresponding to the scanning log according to the name of the scanning log, and judge whether the image file is safe or not according to the content of the scanning log.
In the process of scanning the image file by the scanning antivirus program, the scanning node times the scanning process until the scanning of the image file is completed, and the actual scanning time of the image file is obtained through timing. And the scanning node sends the type of the image file, the capacity of the image file and the actual scanning time as image scanning information to the management node.
Example 2
The embodiment provides a method for automatically distributing and scanning viruses for a distributed server, which monitors the working state of scanning nodes through a management node; in the specific implementation process, the management node judges whether the scanning node is in a working state or an idle state according to the virus scanning task distributed to the scanning node and the mirror image scanning information fed back to the management node by the scanning node.
The embodiment provides a method for automatically distributing and scanning viruses for a distributed server, and as shown in fig. 4, the process includes:
and S10, the management node acquires mirror image scanning information from the scanning node to construct a scanning time model.
And S20, the management node acquires the file information of the mirror image file to be scanned from the mirror image server.
And S30, the management node creates a virus scanning task according to the file information.
S40, firstly, judging whether a scanning node in an idle state exists; if there is a scanning node in an idle state, S50 is performed; if there is no scanning node in the idle state, S60 is performed.
S50, distributing virus scanning tasks to scanning nodes in an idle state in sequence; in a specific implementation process, a plurality of scanning nodes in an idle state may exist at the same time, a scanning node sequence table is configured in a management node, and for the scanning nodes in idle filling, virus scanning tasks are sequentially distributed according to the sequence of the scanning nodes in the scanning node sequence table.
And S60, calculating the time when each scanning node completes the target virus scanning task by using the scanning time model, and distributing the target virus scanning task to the scanning node which can be completed earliest. Compared with embodiment 1, embodiment 2 reduces the process of calculating the time when each scanning node completes the target virus scanning task when the idle state scanning node exists.
S70, the scanning node downloads and scans the corresponding image file from the image server according to the target virus scanning task, generates a scanning log and uploads the scanning log to the image server; and the scanning node generates mirror image scanning information and uploads the mirror image scanning information to the management node.
Example 3
The embodiment provides a device for automatically distributing and scanning viruses for a distributed server, which is shown in fig. 5 and includes a mirror image server, where the mirror image server is used to store a mirror image file;
and the management node is connected with the mirror image server. In a specific implementation process, on one hand, the management node acquires file information of an image file to be scanned from the image server, and generates a virus scanning task according to the file information.
On the other hand, the management node maintains the scanning time model of each scanning node, calculates the time when the scanning node completes the virus scanning task by using the scanning time model, and then distributes the virus scanning task to the scanning node which can be completed earliest according to the time when the virus scanning task is completed.
The scanning nodes and the management nodes form a distributed layout, and when the current management node fails, the distributed layout can generate a new management node in an election mode, so that the device for automatically distributing and scanning the viruses by the distributed server has fault tolerance, and the scanning antivirus program can be uniformly updated by adopting the distributed layout, and the updating of the scanning antivirus program is convenient. The scanning node is configured with a scanning antivirus program; the scanning node downloads the image file from the image server according to the virus scanning task, scans the downloaded image file by the virus killing program, and generates a scanning log, and uploads the scanning log to the image server, specifically, to a path where the image file is located.
And the scanning node is provided with a timing module, and the timing module is used for timing the time of scanning the mirror image file by the scanning antivirus program. And acquiring the actual scanning time of the image file by timing, sending the image scanning information to a management node by the scanning node, and updating a scanning time model by the management node according to the image scanning information.
In a specific implementation process, the mirror image server is provided with a mirror image file monitoring module, a file information retrieval module and a file information transmission module, wherein the mirror image file monitoring module is used for monitoring whether a mirror image file is uploaded to the mirror image server or not and acquiring a mirror image name; the file information retrieval module retrieves file information of the mirror image file according to the mirror image name, and the file information transmission module is used for sending the file information to the management node.
Example 4
The present embodiment provides a storage medium for automatically allocating and scanning viruses by a distributed server, where the storage medium stores at least one instruction, and executes the instruction to implement the method for automatically allocating and scanning viruses by a distributed server described in embodiment 1 or embodiment 2.
The principle of the method and the device for automatically distributing and scanning the viruses by the distributed server is as follows:
circularly reading a system log file of the mirror image server by a mirror image uploading monitoring program running on the mirror image server, judging whether a mirror image file is uploaded to the mirror image server or not by matching with a key rule related to mirror image uploading, acquiring file information of the mirror image file uploaded to the mirror image server and sending the file information to a management node; mirror image file of mirror image server just uploaded
The management node generates a virus scanning task according to the file information, selects a scanning time variable in a scanning time model according to the type of the mirror image file in the virus scanning task, multiplies the scanning time variable by the capacity of the mirror image file to calculate the completion time of the virus scanning task by the scanning node connected with the management node, accumulates the time to the moment when the virus scanning task is completed by each scanning node, and takes the scanning node with the minimum moment and distributes the virus scanning task to the scanning node.
And the scanning node for acquiring the virus scanning task analyzes the task content to acquire the mirror image name and the mirror image file path, is connected with the mirror image server, and downloads the mirror image file from the mirror image file path according to the mirror image name. Scanning the image file by the scanning node through a scanning antivirus program to generate a scanning log, and uploading the scanning log to the image file path of the image server; the scanning node counts the process of scanning the image file by the antivirus program to obtain the actual scanning time, prints the type of the image file, the capacity of the image file and the actual scanning time into image scanning information and sends the image scanning information to the management node; the management node adds the total volume of the image file to the total volume of the original scanned image file to obtain the total volume of the current scanned image file, adds the actual scanning time to the total time of the original scanned image file to obtain the total time of the current scanned image file, and updates the scanning time variable according to the total time of the current scanned image file/the total volume of the current scanned image file.
The virus scanning task can be automatically generated through the cooperation of the mirror image server and the management node, the management node and the scanning node are matched to maintain the scanning time model, the moment when the scanning node completes the virus scanning task is calculated through the scanning time model, and the virus scanning task is automatically distributed to the optimal scanning node. The method and the device can automatically and efficiently scan the mirror image file virus. The mirror image server does not need to be configured with a scanning virus-checking program, and the performance of the mirror image server is liberated. A plurality of scanning nodes provide scanning service for one image server, so that the scanning efficiency is greatly improved, the scanning delay is reduced, and the safe uploading of image files is completed more efficiently.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The foregoing are merely exemplary embodiments of the present invention, which enable those skilled in the art to understand or practice the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A method for automatically distributing and scanning viruses by a distributed server is characterized by comprising the following steps:
the management node acquires mirror image scanning information from the scanning node to construct a scanning time model;
the management node acquires file information of a mirror image file to be scanned from a mirror image server;
the management node creates a virus scanning task according to the file information;
the management node calculates the time when each scanning node completes the target virus scanning task by using the scanning time model;
the management node distributes a target virus scanning task to the scanning node which can be completed earliest;
the scanning node downloads and scans a corresponding image file from the image server according to the target virus scanning task, generates a scanning log and uploads the scanning log to the image server;
and the scanning node generates mirror image scanning information and uploads the mirror image scanning information to the management node.
2. The method for automatically distributing and scanning viruses by distributed servers according to claim 1, wherein the image scanning information comprises an image file type, an image file capacity and an actual scanning time of the scanned image file.
3. The method for automatically distributing and scanning viruses by the distributed server as claimed in claim 2, wherein the process of constructing the scanning time model by the management node comprises the following steps:
the management node defines a scanning time variable aiming at the type of the mirror image file for each scanning node;
initializing scanning time variables, wherein the initial value of any scanning time variable is far less than the time of scanning the mirror image file viruses corresponding to unit capacity by a scanning node;
the management node acquires the mirror image scanning information;
the management node updates the corresponding scanning time variable according to the type of the image file:
the scan time variable is the total time of the scan image file/the total volume of the scan image file.
4. The method for automatically distributing and scanning viruses by distributed servers according to claim 1, wherein the file information comprises a name of an image file, a type of the image file, a capacity of the image file, and a path of the image file.
5. The method for automatically distributing and scanning viruses by the distributed server according to claim 4, wherein the management node creates a virus scanning task according to the file information;
constructing a data structure containing the file information and the connection parameters of the mirror image server;
the data structure is constructed into a virus scanning task queue through a linked list.
6. The method for automatically distributing and scanning viruses by distributed servers according to claim 1, wherein the management node sends information including the file information and the connection parameters of the image server to the scanning node, the scanning node connects to the image server according to the connection parameters of the image server, and the scanning node downloads the corresponding image file from the image server according to the name and the path of the image file in the file information.
7. The method for automatically distributing and scanning viruses by distributed servers according to claim 1,
the management node monitors the working state of the scanning node;
when distributing a virus scanning task, a management node firstly judges whether a scanning node in an idle state exists;
if the scanning nodes in the idle state exist, sequentially distributing virus scanning tasks to the scanning nodes in the idle state;
and if no scanning node in an idle state exists, calculating the time when each scanning node completes the target virus scanning task by using the scanning time model, and distributing the target virus scanning task to the scanning node which can be completed earliest.
8. The device for automatically distributing and scanning the viruses by the distributed server is characterized by comprising a mirror image server, wherein the mirror image server is used for storing mirror image files;
the management node is connected with the mirror image server and acquires file information of a mirror image file to be scanned from the mirror image server; generating a virus scanning task according to the file information; the management node maintains a scanning time model of each scanning node, calculates the moment when the scanning node completes a virus scanning task by using the scanning time model, and further distributes the virus scanning task to the scanning node which can be completed earliest;
the scanning nodes are connected with the management node and the mirror image server, and are configured with scanning antivirus programs; the scanning node downloads the image file from the image server according to the virus scanning task, scans the downloaded image file by the virus killing program, generates a scanning log and uploads the scanning log to the image server; the scanning node sends mirror scanning information to the management node to update the scanning time model.
9. The device for automatically distributing and scanning viruses by the distributed servers according to claim 8, wherein the mirror server is provided with a mirror file monitoring module, a file information retrieval module and a file information transmission module, wherein the mirror file monitoring module is used for monitoring whether a mirror file is uploaded to the mirror server or not and collecting a mirror name; the file information retrieval module retrieves file information of the mirror image file according to the mirror image name, and the file information transmission module is used for sending the file information to the management node.
10. The apparatus for automatically distributing and scanning viruses by distributed servers according to claim 8, wherein the scanning node is configured with a timing module, and the timing module is used for timing the time for the scanning antivirus program to scan the image file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110599890.2A CN113449300B (en) | 2021-05-31 | 2021-05-31 | A method and device for automatically distributing and scanning viruses by a distributed server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110599890.2A CN113449300B (en) | 2021-05-31 | 2021-05-31 | A method and device for automatically distributing and scanning viruses by a distributed server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113449300A true CN113449300A (en) | 2021-09-28 |
| CN113449300B CN113449300B (en) | 2022-10-25 |
Family
ID=77810481
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110599890.2A Active CN113449300B (en) | 2021-05-31 | 2021-05-31 | A method and device for automatically distributing and scanning viruses by a distributed server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113449300B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114065226A (en) * | 2021-11-30 | 2022-02-18 | 北京天融信网络安全技术有限公司 | Mirrored security scanning method and device |
| CN114814687A (en) * | 2022-04-26 | 2022-07-29 | 上海联影医疗科技股份有限公司 | Magnetic resonance imaging method, magnetic resonance imaging apparatus, computer device, medium, and program product |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070083930A1 (en) * | 2005-10-11 | 2007-04-12 | Jim Dumont | Method, telecommunications node, and computer data signal message for optimizing virus scanning |
| CN106161450A (en) * | 2016-07-20 | 2016-11-23 | 上海携程商务有限公司 | Distributed HTTPS monitors method |
| CN111262839A (en) * | 2020-01-09 | 2020-06-09 | 深信服科技股份有限公司 | Vulnerability scanning method, management equipment, node and storage medium |
| CN111353161A (en) * | 2020-03-11 | 2020-06-30 | 腾讯科技(深圳)有限公司 | Vulnerability scanning method and device |
| CN111355751A (en) * | 2018-12-20 | 2020-06-30 | 普天信息技术有限公司 | Task scheduling method and device |
| CN112511571A (en) * | 2021-02-07 | 2021-03-16 | 连连(杭州)信息技术有限公司 | Web vulnerability scanning method, device, system, equipment and storage medium |
-
2021
- 2021-05-31 CN CN202110599890.2A patent/CN113449300B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070083930A1 (en) * | 2005-10-11 | 2007-04-12 | Jim Dumont | Method, telecommunications node, and computer data signal message for optimizing virus scanning |
| CN106161450A (en) * | 2016-07-20 | 2016-11-23 | 上海携程商务有限公司 | Distributed HTTPS monitors method |
| CN111355751A (en) * | 2018-12-20 | 2020-06-30 | 普天信息技术有限公司 | Task scheduling method and device |
| CN111262839A (en) * | 2020-01-09 | 2020-06-09 | 深信服科技股份有限公司 | Vulnerability scanning method, management equipment, node and storage medium |
| CN111353161A (en) * | 2020-03-11 | 2020-06-30 | 腾讯科技(深圳)有限公司 | Vulnerability scanning method and device |
| CN112511571A (en) * | 2021-02-07 | 2021-03-16 | 连连(杭州)信息技术有限公司 | Web vulnerability scanning method, device, system, equipment and storage medium |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114065226A (en) * | 2021-11-30 | 2022-02-18 | 北京天融信网络安全技术有限公司 | Mirrored security scanning method and device |
| CN114814687A (en) * | 2022-04-26 | 2022-07-29 | 上海联影医疗科技股份有限公司 | Magnetic resonance imaging method, magnetic resonance imaging apparatus, computer device, medium, and program product |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113449300B (en) | 2022-10-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113037777B (en) | Honeypot bait distribution method and device, storage medium and electronic equipment | |
| KR101201147B1 (en) | Method and system for downloading updates | |
| US7159036B2 (en) | Updating data from a source computer to groups of destination computers | |
| US20160269227A1 (en) | System and method for configuration management service | |
| US7676503B2 (en) | Hybrid computer restore using network service | |
| CN110263001B (en) | File management method, device, system, equipment and computer readable storage medium | |
| JP2006172472A5 (en) | ||
| CN111177601B (en) | Page rendering processing method, device, equipment and readable storage medium | |
| CN111538596A (en) | Resource processing method and device, computer equipment and storage medium | |
| CN113449300A (en) | Method and device for automatically distributing and scanning viruses for distributed server | |
| CN108810055B (en) | Large file transmission method and device | |
| CN111629058A (en) | Mirror image uploading method, device and system and back-end equipment | |
| JP2006099307A (en) | How to install application sets on distributed servers | |
| US20110066653A1 (en) | Management apparatus, information processing apparatus, and method therefor | |
| RU2449360C1 (en) | System and method for creating antivirus databases in accordance with personal computer parameters | |
| CN110769016A (en) | File uploading method and computer storage medium | |
| JP2008519361A (en) | How to enforce application specific management policies on content addressed storage devices | |
| CN116627925A (en) | Service log data processing method and device based on K8S environment | |
| CN115878128A (en) | Deployment method and device of application program | |
| CN113064615B (en) | Software updating method and device, storage medium and electronic device | |
| CN116264572A (en) | Method, medium and electronic equipment for automatically upgrading system | |
| CN105791350B (en) | Project data processing method and system | |
| CN112559460A (en) | File storage method, device, equipment and storage medium based on artificial intelligence | |
| CN114553826B (en) | Domain name management method, device, electronic equipment, medium and program product | |
| CN112217770A (en) | A security detection method, device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |