| 发明名称 | Interactive malicious code detection over a computer network | ||
| 摘要 | A file or other data unit may be scanned for malicious code by calculating a hash value of a portion of the file or data unit and transmitting the hash value of the portion over a computer network to a remotely located server computer. In the server computer, the hash value of the portion may be compared to hash values of malicious codes. The server computer may send the result of the comparison over the computer network to the client computer. The client computer may send one or more additional hash values of other portions of the file or data unit when the result indicates that the hash value of the portion matches a hash value of malicious code. Otherwise, the client computer may deem the file or data unit to be free of malicious code. | ||
| 申请公布号 | US9292689(B1) | 申请公布日期 | 2016.03.22 |
| 申请号 | US200812250781 | 申请日期 | 2008.10.14 |
| 申请人 | Trend Micro Incorporated | 发明人 | Chuo Tsun-Sheng;Ho Chih-Kun;Teng Ming-Hui;Chou Ren-Chien;Hsiao Chen-Wei;Lin Sung-Ching;Wang Chiu-Ming |
| 分类号 | G06F11/00;G06F21/56;H04L29/06 | 主分类号 | G06F11/00 |
| 代理机构 | Okamoto & Benedicto LLP | 代理人 | Okamoto & Benedicto LLP |
| 主权项 | 1. A method of detecting malicious code, the method to be performed by a client computer and comprising: extracting a first portion of a file that has a plurality of portions; calculating a hash value of the first portion; transmitting the hash value of the first portion over a computer network to receive a result indicating whether or not the hash value of the first portion matches a hash value of malicious code; receiving the result over the computer network; and calculating a hash value of a second portion of the file and transmitting the hash value of the second portion over the computer network to determine if the hash value of the second portion matches a hash value of malicious code when the result indicates that the hash value of the first portion matches a hash value of malicious code. | ||
| 地址 | Tokyo JP | ||