Design And Implementation Of Anti-virus Part In The Network Security Platform

In company with nowaday society's abidance advancement,computer network is also developing swiftly and violently ,however conventional network security model has already been distinct insufficient in the presence of new attack instruments and menace,including:defense mechanism is passive,hysteretic,only laying stress on borderline security while neglect terminal fence and so on.Virus,worm,leak,hacker,network security "hostile situation" has many changes within a short time,anti- virus software can only passively defence,firewall can only be used by professional human person normally,network security become increasingly difficult.To direct at nowaday intricate actuality of network security,we make the new style intellectualized security productfashion that assembles anti-virus,firewall,security instruments,safety assessment system to a suit——the Network Security Platform appears.It put powerful functions and simple interface together,it is not only the good assistant of professional personnel,but also the best network security instrument of everyman,it provides the best security network environment for users.Facing different kinds of new challenge,the Network Security Platform terminal safeguard system provides a brand new security safeguard concept,which is:active defense mechanism + diversification means of defence;automatism + compulsive execution tactics.First of all,the text introduces the Network Security Platform's service logos and design thought.Through existing network link,the Network Security Platform has realized instant communication between users and customer service of CNC,CNC can transfer informations to every user conveniently,supply highly active,convenient,instantaneous information service to every user,let user feel that CNC's service is under the very nose of body side,intensify service logos for users,promote CNC's service image;it is a sort of comprehensive service platform.Besides supplying anti-virus software's all-around protection function,it's still a humanizing service platform,a service window,which makes users feel the close-fitting service of CNC when they are using the Network Security Platform.Secondly,the text introduces the framework design of the Network Security Platform:in view of the predominance of C/S framework,as a whole the Network Security Platform mostly adopt C/S structural pattern.Software system is mostly divided into two parts----client and service console.Client can be used solely,enterprise could add service console to form network service on basis of using client.Thirdly,the text expounds system requirements of the Network Security Platform:it's devided into client and service console in respect of function;operation interface lives up to esthetic appearance and concision,the wholly operation process from fixing to using is simple,intelligent;client system has favorable expandability and function modularity,it could add modules conveniently in the future,and it obligates ample predefined interfaces which can link with third party product. The Network Security Platform's business functions are super overall,it has local protections,network defence,personality service and so on. Local protection functions include anti-virus function,registry monitoring function;network denfence functions include firewall function,network safety assessment and analysis ;personality service functions include updating on the internet,information reminding,authorization on the internet,real-time service .etc.In view of the Network Security Platform's powerful function requirements,members of project group discuss earnestly and analyze meticulously on the overall framework of the Network Security Platform,and decide to devide the Network Security Platform into 9 function modules,including:anti-virus module, firewall module,registry monitoring module,control center module,user interface module,communication module,authentication and authorization module,authentication server module and log monitoring module.Modules can link and invoke with each other by mutual interface. The Network Security Platform's traits are prominent , for users it's simple and easy to use , its functions are complete;for manufacturer it can be conveniently expanded and easily maintained. Compared with other stand-alone firewall product and common anti-virus product,it has overt predominance either.On basis of design and analysis to overall framework,the text introduces detailedly on design and implementation of anti-virus part. This part firstly introduces correlative knowledge of computer virus,including authoritative definition of computer virus,main traits of computer virus ,classification and features of windows system virus .etc,which is to be conducted to known computer viruses in depth.In the part of anti-virus module,the main body of anti-virus mechanism is anti-virus engine and virus library,if anti-virus is regarded as looking up the dictionary,anti-virus engine is the very directory,virus library is the very text. The Network Security Platform adopts AV leach anti-virus engine and virus library of Kaspersky ,registered users could download up-to-date virus library files automatically or manually from CNC server by the Network Security Platform;file virus-detecting part mostly introduces the mechanism and key means of file virus-detecting;then,the text introduces the problems of process and system authority ,including basic conceptions of process and thread,supervision and termination of process,precedence and termination of thread .etc;then it ulteriorly introduces the meanings of system authority as well as how to make process get system high level authority to shut other processes;to deal with viruses,I mostly adopt three kinds of methods: deleting virus file directly,eliminating virus that adheres to file and putting viruses into quarantine;in order to increase updating efficiency of virus library,I adopt increment-updating method to update,and introduce specific means of increment-updating method;in consideration of economizing system resources'spending and running other foreground programes preferably,wholly anti-virus module can be as one of system service processes and run backstage;wholly anti-virus module also supplies mutual interfaces with the purpose of being invoked by other modules.At the end of the text,I have summarized the whole text and outlooked the future work of the project.Following the software-engineering rule to develop the project,we divided the task into many simple and independent function units,the interfaces of all the units are as simple and independent as possible. During the process of coding,we encapsulate some codes with module,which can be used repeatly into some functions,so we can reduce the complexity and the cost of the maintenance of our software. And we have used multithreading technology to solve multitasks.