File security active protection method based on double-drive linkage

An active protection and security protection technology, applied in computer security devices, digital data protection, instruments, etc., can solve problems such as poor selection of security protection opportunities, insufficient file protection strategies, and insufficient thorough file operation monitoring, etc., to achieve the resolution of malicious files. Operational and Effects of Cyber ​​Attack Campaigns

Inactive Publication Date: 2012-07-11
HENAN GONGXING INFORMATION TECH
View PDF1 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0013] (1) It cannot actively defend against legitimate users' malicious destruction and theft;
[0014] (2) The file protection strategy at the operating system level is not enough, and the file operati

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • File security active protection method based on double-drive linkage
  • File security active protection method based on double-drive linkage
  • File security active protection method based on double-drive linkage

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0043] Example: such as figure 1 As shown in -6, the specific steps of the file security active protection method based on dual-drive linkage are as follows:

[0044] a) Use the INF file to install the driver to the target operating system, the driver exists as a service, and is set to start with the operating system;

[0045] b) Load the driver through the service management item of the operating system;

[0046] c) Read the preset file security protection rules into the rule chain;

[0047] d) Assign the IRP processing routine function entry to the corresponding dispatch routine array of DriverObject (driver object);

[0048] e) Fill in the Fast I / O processing routine, Fast I / O is a request without IRP caused by the cache manager call; the file filter driver writes for the DriverObject (driver object) in addition to the normal dispatch routine Another set of Fast I / O functions to monitor the cache;

[0049] f) Create a system thread, after obtaining the TCP / IP device obj...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A file security active protection method based on double-drive linkage specially includes steps of: installing drives so as to enable service; loading linkage drives through service management items; reading preset file safety protection rules to a rule chain; giving an inlet of an intelligent resource planning (IRP) processing routine function to a Driver Object; filling a Fast input/output (I/O) processing routine; leading a file filtering drive to normally send the routine and monitor cache; building a system thread, obtaining transmission control protocol/internet protocol (TCP/IP) device objects, then starting a network drive comprising a transport driver interface (TDI) layer and a network driver interface standard (NDIS) layer, and performing monitoring action for operating files through network processes; and leading the file filtering drive to filter received IRP according to the rule chain and perform IRP-level monitoring on user action protected by the files. The file security protection technology based on kernel mode file system drive and network drive linkage effectively solves problems of file damage and file stealing caused by malicious file operation, network attack activities and Trojan virus.

Description

technical field [0001] The invention belongs to the field of communication and information security, in particular to an active file security protection method based on double-drive linkage. Background technique [0002] With the rapid development of the network, the continuous enrichment of mobile storage devices, and the further enhancement of the convenience of application software, the problems and challenges faced by file security protection have become more and more prominent. Only relying on manual management or monitoring software can no longer meet the existing security needs, because when the monitoring software detects malicious file operation behavior, the file has been destroyed or stolen, this passive traditional monitoring technology has its obvious disadvantages Weaknesses and drawbacks. Therefore, a set of monitoring technology based on active defense is needed to fundamentally solve the problem of file security protection. [0003] A lot of research has b...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/00G06F21/60
Inventor 顾纯祥潘晓东苏永涛曲俊峰
Owner HENAN GONGXING INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap