Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

File handle closuring operation method and device

A file handle and handle technology, applied in program control devices, computer security devices, instruments, etc., can solve problems such as alarm conflicts and security software incompatibility, and achieve the effect of enhancing confrontation capabilities and avoiding incompatibility

Active Publication Date: 2012-12-26
三六零数字安全科技集团有限公司
View PDF2 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the inability to actively control the timing of the call, one security software will intercept the passive trigger request of another security software during the process of closing the handle, which will cause alarm conflicts. This type of interference is also one of the root causes of incompatibility between security software. one
In addition, when security software conducts kernel attack and defense with driver-level malicious programs, it will also encounter similar problems
[0005] Therefore, a technical problem urgently needed by those skilled in the art is to propose a processing mechanism for file handle closing operations to intercept and control the closing process of file handles, enhance the ability to resist attack and defense against driver-level malicious programs, and Avoid potential incompatibilities between security software due to interference with handle closing operations

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • File handle closuring operation method and device
  • File handle closuring operation method and device
  • File handle closuring operation method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0069] In order to make the above objects, features and advantages of the present invention more comprehensible, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0070] In order to enable those skilled in the art to better understand the present invention, the handle is briefly introduced below.

[0071] The handle is the basis of the entire windows programming. A handle refers to a unique integer value used, which refers to a four-byte length (relative to a 32-bit operating system) or an eight-byte length (relative to a 64-bit operating system). In terms of), the value is used to mark different objects in the application and different instances of the same type of objects, such as a window, button, icon, scroll bar, output device, control or file, etc., the application can access through the handle information about the corresponding object. However, the handle is not a pointer, and the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a file handle closuring operation method and a file handle closuring operation device. The file handle closuring operation method comprises the following steps of: acquiring a file handle closuring operation request initiated by an invoker, wherein the request comprises handle information to be closed; under the condition that a current operating system platform is supported, according to the handle information to be closed, acquiring object information to be closed; when an object to be closed has a corresponding new object type, replacing the original object type of the object with the new object type; invoking a Native API (application program interface) of a handle closing routine, extracting a callback routine from the new object type, and invoking the callback routine; and establishing an I / O (input / output) request packet inside the callback routine, sending the I / O request packet to file system lower equipment, and finishing file handle closuring operation by the file system lower equipment. The file handle closuring operation method and the file handle closuring operation device can enhance the offensive and defensive confrontation ability to a driver-stage malicious program and avoid potential possibility of incompatibility between security software due to handle closing operation interference.

Description

technical field [0001] The invention relates to the technical field of operating system security processing, in particular to a method for closing a file handle and a device for closing a file handle. Background technique [0002] When faced with complex problems, people tend to use the method of divide and conquer to divide and narrow the scope of the problem. This is also the case in the design of the operating system. This approach brings advantages such as portability and scalability. However, due to the security flaws in the design theory (for example, the lack of an integrity verification mechanism, etc.), another aspect of high scalability also means that there are a large number of possibilities for the system to be tampered with. [0003] Compared with active behavior processes such as file creation, opening, reading and writing, setting, and deletion, the file handle closing operation (CloseHandle) in the Windows operating system is passively triggered in many cas...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F9/44G06F21/00
Inventor 王宇潘剑锋
Owner 三六零数字安全科技集团有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com