Classifications

• • G—PHYSICS
  • G06—COMPUTING OR CALCULATING; COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
  • G06F21/55—Detecting local intrusion or implementing counter-measures

Definitions

• the present invention relates to a virus and an unauthorized intrusion for preventing an intruder such as a virus and a hacker from entering the computer or the communication network in an environment where the computer is connected to the communication network via a relay device.
• the present invention relates to an intruder prevention device and its program.
• Patent Document 1 Japanese Patent Laid-Open No. 6-230959
• the present invention has been made to solve the above-described problems, and can reliably detect a virus, and data including a virus and unauthorized intruders such as hackers can be put into a computer.
• the object is to provide a virus and unauthorized intruder intrusion prevention device and its program that can completely prevent intrusion or, on the contrary, intrusion into a computer-powered communication network.
• the virus and unauthorized intruder intrusion prevention device is capable of intruding a virus into the computer or the communication network in an environment where a computer is connected to the communication network.
• a virus and unauthorized intruder intrusion prevention device for preventing a computer, a dividing means for dividing data transmitted to the computer or the communication network into analog data and digital data, and the divided analog data In the frequency band near the boundary of the digital data, the data force detecting means for detecting electrical distortion and the data portion including the electrical distortion detected by the detecting means are recognized as abnormal data, and the abnormal data is passed. It is characterized in that it is provided with a blocking means for blocking the power.
• the blocking means may block the passage of the abnormal data in the transmission / reception unit of the computer.
• dial means may be provided for continuously transmitting numerical data of a predetermined number of digits to the transmission / reception unit of the computer.
• the present invention provides a virus intrusion prevention program for preventing the entry of a virus into the computer or the communication network in an environment where the computer is connected to the communication network.
• the method may further comprise the step of continuously transmitting numerical data having a predetermined number of digits to the transmission / reception unit of the computer.
• a virus can be reliably detected, and data containing a virus can be detected.
• Unauthorized intruder power such as a power source can be completely prevented from entering the computer or, conversely, the computer power also entering the communication network.
• FIG. 1 is a schematic diagram showing an overall configuration of a virus intrusion prevention system including a virus and unauthorized intruder intrusion prevention device according to an embodiment of the present invention.
• FIG. 2 is a functional block diagram showing the configuration of the virus and unauthorized intruder intrusion prevention device according to the embodiment of the present invention.
• FIG. 3 is a diagram showing analog data including abnormal data.
• FIG. 4 is a diagram showing digital data including abnormal data.
• FIG. 5 is a diagram showing the structure of normal data.
• FIG. 6 is a diagram showing the structure of data including abnormal data.
• FIG. 7 is a diagram showing a communication record in the virus and unauthorized intruder prevention device according to the embodiment of the present invention.
• FIG. 1 is a schematic diagram showing the overall configuration of a virus and unauthorized intruder intrusion prevention system equipped with a virus and unauthorized intruder intrusion prevention device according to an embodiment of the present invention
• FIG. 2 is an embodiment of the present invention
• FIG. 3 is a functional block diagram showing a configuration of a virus and unauthorized intruder intrusion prevention device according to FIG.
• a virus and unauthorized intruder prevention system 1 includes a computer 8 having a hard disk drive 2, a CPU 3, a memory 4, a LAN board 5, a mouse 6 and a keyboard 7.
• the computer 8 is installed on the hard disk drive 2 via a storage medium such as a CD-ROM, and is installed with a virus and unauthorized intruder prevention program power S. As a result, it can function as a virus and unauthorized intruder prevention device.
• the virus and unauthorized intruder intrusion prevention device 11 includes an OS processing unit 12 for supporting a plurality of operating systems (OS) and a computer 8 or a communication network 9.
• the data sent to is divided into analog data and digital data
• a data dividing unit 13 that analyzes data like a LAN analyzer, a frequency band identifying unit 14 that identifies a frequency band of the data when transmitting and receiving data in a transmitting and receiving unit such as the LAN board 5 and the router 10,
• a data amount calculation unit 15 that calculates the volume of data to be transmitted and received in the transmission / reception unit, and a frequency band calculation unit 16 that calculates an appropriate frequency band according to the environment of the computer 8 such as the data transmission speed and the installation location of the computer 8.
• a load adjusting unit 17 that adjusts the communication load according to the data volume calculated by the data amount calculating unit 15, and a data guiding unit 18 that guides the data to an appropriate route such as analog or digital, CPU3, memory 4, etc.
• the numerical data setting unit 20 for setting numerical data of a predetermined number of digits (for example, 6 rows and 4 columns) at random and the numerical data set by the numerical data setting unit 20 are transmitted to the transmission / reception unit.
• data division unit 13 distortion detection unit 22 for detecting electrical distortion in the frequency band (about 4KHz) near the boundary between analog data and digital data divided, and distortion detection
• the data portion including the electrical distortion detected by the unit 22 is recognized as abnormal data, and is provided with a data blocking unit 23 that blocks passage of the abnormal data.
• abnormal data 28 it is recognized as abnormal data 28, and the passage of the abnormal data 28 through the LAN board 5 is blocked by the data blocking unit 23.
• normal data 24 is divided by each packet 25 as shown in FIG. It is transmitted as digital data, and has a header part 26 and a footer part 27 at the beginning and the end of the data, respectively.
• the abnormal data 28 including the virus is transmitted by a method of being inserted into the normal data 24 as shown in FIG. 6, and the abnormal data 28 including the virus is always included in the header portion 29 and the footer portion. There are 30.
• abnormal data 28 including viruses is different from the normal data 24 because the number and order of the header and footer sections are different.
• the electrical distortion V and V can be confirmed by analyzing interruptions, etc.
• the abnormal data 28 including the virus is reliably blocked in the transmission / reception unit of the computer 8, and thus enters the inside of the computer 8. There is nothing. Even if the computer 8 is infected by a storage medium such as a CD or floppy disk (registered trademark) contaminated with a virus, the abnormal data 28 including the virus is reliably blocked in the transmission / reception unit. Therefore, it is possible to prevent a computer or the like connected to the communication network 9 from entering the communication network 9 from being infected with a virus.
• the numerical data with a predetermined number of digits set at random in the numerical data setting unit 20 is always supplied to the dial unit 21 and the LAN board 5, the router 10, etc. Is sent to the transceiver.
• the numerical data is transmitted, it includes not only digital data but also analog data, so if both numerical data are not analyzed, unauthorized intrusion such as The person is unable to perceive the presence of the computer 8.
• a spare parameter is added to the parameters built into the router 10 and computer 8, and as shown in the log contents of data No. 5 and No. 8 in Fig. 7.
• the IP address of the transmission / reception unit is displayed as “00000000”, so that an intruder such as a hacker cannot recognize the IP address. Therefore, an unauthorized intruder cannot enter the inside of the computer 8, and the unauthorized intruder power can be surely protected for the computer 8.
• the present invention can also be applied to a wireless LAN, thereby reliably preventing eavesdropping, information falsification, leakage, and destruction, which are problems in the wireless LAN, thereby improving security. Can be planned.

Landscapes

• Engineering & Computer Science (AREA)
• Computer Security & Cryptography (AREA)
• Software Systems (AREA)
• Theoretical Computer Science (AREA)
• Computer Hardware Design (AREA)
• Physics & Mathematics (AREA)
• General Engineering & Computer Science (AREA)
• General Physics & Mathematics (AREA)
• Small-Scale Networks (AREA)
• Storage Device Security (AREA)

Priority Applications (1)

Applications Claiming Priority (1)

Publications (1)

Family

ID=38895008

Family Applications (1)

Country Status (1)

• 2006
  • 2006-07-04 WO PCT/JP2006/313282 patent/WO2008004276A2/fr not_active Ceased

Similar Documents

Legal Events