Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Progress protection technology based on Windows system remote thread monitor

A technology of remote thread injection and threading, which is applied in multi-programming devices, platform integrity maintenance, instruments, etc., can solve the problems of high technical difficulty and system crash, and achieve the effect of easy security, process protection, and simple implementation.

Active Publication Date: 2009-03-18
SHANDONG CVIC SOFTWARE ENG
View PDF0 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The protection effect of this method is very good, but it is difficult to realize the technology, and it is easy to cause the system to crash due to failure

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Progress protection technology based on Windows system remote thread monitor
  • Progress protection technology based on Windows system remote thread monitor

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] Embodiments of the present invention will be described in detail below.

[0031] A process protection technology based on Windows system remote thread monitoring is realized through the following steps: it can be divided into two steps, one is to implement remote wire control injection, such as figure 1 , the second is application process control, such as figure 2 .

[0032] Among them, such as figure 1 As shown, the implementation of the first step to implement remote remote control injection is achieved through the following steps:

[0033] First start step 101, execute remote thread injection. The execution of the remote thread injection is achieved through the following steps:

[0034] First, create the thread function body, fill in the thread parameters and code.

[0035] Then, copy the thread code to the address space of the target process (the address must be a page whose page attribute is PAGE_EXECUTE_READWRITE) or other places where the host process can e...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a process protection technique based on Windows system remote thread supervisory, namely a process protection mechanism of the InforGuard webpage anti-tamper system middleware, which is based on the thread injection technique. The process protection mechanism comprises steps of firstly, performing remote thread injection, secondly, applying the process control. The invention provides a technical scheme of smartly applying the hidden property of remote thread injection to process protection, which solves the problem of hidden property in application of the process protection, and simultaneously takes the problems of technical difficulty and stability of realization into consideration.

Description

technical field [0001] The invention relates to a process protection technology based on remote thread monitoring of the Windows system, that is, a process protection mechanism based on the thread injection technology of InforGuard web page anti-tampering system middleware. Background technique [0002] In Windows systems, ordinary non-system processes can be forcibly closed by system management tools or other ordinary processes. For security products, sometimes it is necessary to protect its own process to prevent it from being closed maliciously. [0003] The current process protection technology based on Windows system is briefly analyzed as follows: [0004] 1. Dual-process daemon mechanism [0005] Start two processes in the same system, and complete the guardianship between each other. When one exits abnormally, the other restarts it. This mechanism has certain significance in system exception handling, but it is useless for malicious process damage. [0006] 2. De...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/22G06F9/46G06F21/52
Inventor 景新海程建平刘江宁刘靖刘宗福刘庆良刘春石磊
Owner SHANDONG CVIC SOFTWARE ENG
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com