Method and system for detecting process creation during real-time protection

A process creation and real-time protection technology, applied in multi-programming devices, instruments, electronic digital data processing, etc., can solve problems such as easy desktop, blurred screen, and inability to create new processes

Active Publication Date: 2013-01-02
TENCENT TECH (SHENZHEN) CO LTD
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The disadvantage of adopting the existing technology is: during the period when the driver program waits for the application layer detection result, due to the need to interrupt the execution of the creator process, the creator process as the creator of all user processes is the parent of all user processes Therefore, once the creator process as the parent process is interrupted, it will cause a series of chain reactions of the process it controls, such as prone to desktop blurred screen, unable to create new processes, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting process creation during real-time protection
  • Method and system for detecting process creation during real-time protection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] The basic idea of ​​the present invention is: after the newly created process, the driver program reports the relevant information of the newly created process required when the application layer detects to the application layer, and notifies the application layer to scan and detect; the application layer scans according to the relevant information of the newly created process Suspend new processes while checking.

[0024] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail by citing the following embodiments and referring to the accompanying drawings.

[0025] The prior art and the present invention are compared and described below, so as to better reflect the advantages of the present invention over the prior art.

[0026] As far as the prior art is concerned, in the current real-time protection, the callback notification function of process creation is usually regis...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for detecting process creation during real-time protection. The method comprises the following steps that: a driving program reports related information of a new process required during detection of an application layer to the application layer to notice the application layer to perform scanning detection after the process is created; and the driving program suspends the new process when the application layer performs the scanning detection according to the related information of the new process. The invention also discloses a system for detecting the process creation during the real-time protection. A process suspending unit in the system is used for suspending the new process through the driving program when the application layer performs the scanning detection. By the method and the system, the new process can be detected without the interruption of the process of a creator.

Description

technical field [0001] The invention relates to a detection technology for process creation, in particular to a method and system for detecting process creation in real-time protection. Background technique [0002] At present, various real-time protection software will monitor the creation of processes. There are two application scenarios: 1. Record related information such as process ID and process path, which can be easily used for later active defense to intercept events according to the process ID Find the relevant information of the process; 2. When the process is created, it is used by the application layer to scan and detect the execution environment and system memory of the process. When the process is confirmed to be safe, the process is allowed to continue to execute, otherwise it will prevent the process from starting. For the second application scenario, in the prior art, the driver notifies the application layer to scan and detect when the process is created. D...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/51G06F9/46
Inventor 刘桂泽
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap