Method and device for carrying out file operation

A technology of file operation and execution method, applied in computer security devices, instruments, computing, etc., can solve problems such as incompatibility of security software, lack of capability, and weak resistance to driver-level malicious programs, so as to avoid the potential possibility of incompatibility , enhance the ability to resist, and have a wide range of effects

Active Publication Date: 2012-11-14
BEIJING QIHOO TECH CO LTD
View PDF4 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0014] Although traditional security software vendors are aware of the possibility of various file operation calls being hijacked, most of the existing solutions only consider the hijacking risk of the operating system user state, and often show a certain lack of capability in the attack and defense of the operating system kernel state , driver-level malware (Rootkit) is weak against
[0015] Therefore, a technical problem that needs to be urgently solved by those skilled in the art is to propose a processing mechanism for file penetration operations, which not only provides attack and defense in the user state of the operating system, but also provides attack and defense in the kernel state of the operating system to enhance and drive Anti-attack and defense capabilities against malicious programs, and avoid the potential for incompatibility between security software due to file operation interference

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for carrying out file operation
  • Method and device for carrying out file operation
  • Method and device for carrying out file operation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0076] In order to make the above objects, features and advantages of the present invention more comprehensible, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0077] One of the core concepts of the embodiment of the present invention is to completely implement a set of file operation calling library in the user mode interface of the operating system, the caller initiates a file operation request, calls the corresponding file operation interface routine, and the operating system kernel mode driver obtains and corrects the library. Verify the request from the user mode, build a query data structure to analyze the incoming file path, and finally find the object type maintained in the object manager. This process effectively resists the internal risk of hijacking in the kernel mode. Thereafter, the operating system kernel mode driver builds and fills the IRP request packet, and sends it to t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method for carrying out a file operation. The method comprises the following steps of: acquiring a file operation request including invoker input parameter, wherein the input parameter comprises file paths; searching a relative file object analysis routine in an object manager according to the file path; generating an I / O request packets according to the file object analysis routine if the relative file object analysis routine is found out, and transmitting the packets to an original address of the lower layer device of the preset file system. The method in the invention can increase and drive the counterforce capability of a rogue program and avoid potential probability of incompatibility among safe software due to interference of file operation.

Description

technical field [0001] The present invention relates to the technical field of file penetration, in particular to a file operation execution method and a file operation execution device. Background technique [0002] When faced with complex problems, people tend to use the method of divide and conquer to divide and narrow the scope of the problem. This is also the case in the design of the operating system. This approach brings advantages such as portability and scalability. However, due to the security flaws in the design theory (for example, the lack of an integrity verification mechanism, etc.), another aspect of high scalability also means that there are a large number of possibilities for the system to be tampered with. Taking the design of the file system as an example, the hierarchical structure of the file call stack determines the risk of data flow tampering on the call chain. Because of this, ensuring the authenticity and credibility of its own file operation pro...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00
CPCG06F21/6218G06F21/00
Inventor 王宇潘剑锋
Owner BEIJING QIHOO TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap