Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for carrying out file operation

A technology of file operation and execution method, which is applied in the direction of computer security devices, instruments, computing, etc., can solve the problems of weak resistance to driver-level malicious programs, lack of ability, and incompatibility of security software, so as to avoid the potential possibility of incompatibility , enhance the ability to resist, and have a wide range of effects

Active Publication Date: 2015-03-25
BEIJING QIHOO TECH CO LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0014] Although traditional security software vendors are aware of the possibility of various file operation calls being hijacked, most of the existing solutions only consider the hijacking risk of the operating system user state, and often show a certain lack of capability in the attack and defense of the operating system kernel state , driver-level malware (Rootkit) is weak against
[0015] Therefore, a technical problem that needs to be urgently solved by those skilled in the art is to propose a processing mechanism for file penetration operations, which not only provides attack and defense in the user state of the operating system, but also provides attack and defense in the kernel state of the operating system to enhance and drive Anti-attack and defense capabilities against malicious programs, and avoid the potential for incompatibility between security software due to file operation interference

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for carrying out file operation
  • Method and device for carrying out file operation
  • Method and device for carrying out file operation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0076] In order to make the above objects, features and advantages of the present invention more comprehensible, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0077] One of the core concepts of the embodiment of the present invention is to completely implement a set of file operation calling library in the user mode interface of the operating system, the caller initiates a file operation request, calls the corresponding file operation interface routine, and the operating system kernel mode driver obtains and corrects the library. Verify the request from the user mode, build a query data structure to analyze the incoming file path, and finally find the object type maintained in the object manager. This process effectively resists the internal risk of hijacking in the kernel mode. Thereafter, the operating system kernel mode driver builds and fills the IRP request packet, and sends it to t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Provided in the present application is a method for executing a file operation, comprising: acquiring a file operation request, where the request comprises a caller input parameter, and the input parameter comprises a file path; searching for a file object parsing routine in an object manager on the basis of the file path; if a corresponding file object parsing routine is found, then generating an I / O request packet on the basis of the file object parsing routine, and transmitting to an original address of a preconfigured file system low-level device. The present application improves the resistive capability against offence and defense of driver-level malicious programs, and prevents the potential possibility of incompatibility between security software caused by interference from file operation.

Description

technical field [0001] The present invention relates to the technical field of file penetration, in particular to a file operation execution method and a file operation execution device. Background technique [0002] When faced with complex problems, people tend to use the method of divide and conquer to divide and narrow the scope of the problem. This is also the case in the design of the operating system. This approach brings advantages such as portability and scalability. However, due to the security flaws in the design theory (for example, the lack of an integrity verification mechanism, etc.), another aspect of high scalability also means that there are a large number of possibilities for the system to be tampered with. Taking the design of the file system as an example, the hierarchical structure of the file call stack determines the risk of data flow tampering on the call chain. Because of this, ensuring the authenticity and credibility of its own file operation pro...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/6218
Inventor 王宇潘剑锋
Owner BEIJING QIHOO TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com