Webpage tamper proofing method realized by windows driver layer

An anti-tampering, driver layer technology, applied in the direction of instruments, program/content distribution protection, electronic digital data processing, etc., to achieve the effect of low resource occupation and fast response speed

Inactive Publication Date: 2012-09-26
西安交大捷普网络科技有限公司
View PDF2 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, most of the anti-tampering system products on the market mainly adopt polling mechanism or event triggering mechanism. There is a scanning interval in the polling scanning mechanism. Hackers can attack the system during the scanning interval and allow visitors to access tampered webpages. The polling technology has the disadvantages of low detection efficiency, large consumption of server load and bandwidth resources, etc.
The event-triggered webpage anti-tampering system is also a passive strategy, which cannot guarantee that the outside world will not see the tampered webpage
And if the hacker employs a large-scale tampering campaign, this response mechanism becomes too slow to be desirable

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Webpage tamper proofing method realized by windows driver layer
  • Webpage tamper proofing method realized by windows driver layer

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0017] The present invention will be described in detail below with reference to the drawings and specific embodiments.

[0018] The webpage tamper-proof method implemented from the driver layer using Windows SSDT HOOK. The full name of SSDT is System Services Descriptor Table. This table is a link between Ring3's Win32 API and Ring0's core API. SSDT is more than just It only contains a huge address index table, which also contains some other useful information, such as the base address of the address index, the number of service functions, etc. By modifying the function address of this table, you can hook common Windows functions and APIs, thereby To achieve the purpose of filtering and monitoring some system actions of interest, in Windows operating systems above NT 4.0, there are two system service description tables by default. These two scheduling tables correspond to two different types of system services. The schedule tables are: KeServiceDescriptorTable and KeServiceDescr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a webpage tamper proofing method realized by a windows driver layer. The webpage tamper proofing method includes: monitoring a kernel call function of a relative file operation at the driver layer, and proofing the webpage tamper by determining whether to permit the operation or not according to launch progresses of the call and the to-be-operated object file of the call. Compared with polling technique and event triggering technique normally used at present, the webpage tamper proofing method realized by the windows driver layer has the advantages of low resources occupation, high response speed and can absolutely avoid webpage tamper and the like.

Description

Technical field: [0001] The invention relates to a webpage anti-tampering method realized by a Windows driver layer. Background technique: [0002] External websites are exposed to the Internet because they need to be accessible to the public, and thus are easy targets for hackers. Although there are security measures such as firewalls and intrusion detection, the complexity and diversity of modern operating systems lead to endless system vulnerabilities, which are hard to prevent. Hacking and tampering with pages happens from time to time. In response to this, the webpage anti-tampering system came into being. Most of the webpage anti-tampering system products currently on the market mainly use polling mechanism or event trigger mechanism. There is a scanning interval in the polling scanning mechanism. Hackers can attack the system during the scanning interval and allow visitors to access tampered webpages. The polling technology has disadvantages such as low detectio...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00G06F11/30G06F21/14
Inventor 周静陈晓兵吴德何建锋
Owner 西安交大捷普网络科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap