Method and device for file handle closing operation

File handle technology, applied in program control devices, platform integrity maintenance, etc., that addresses problems such as security software incompatibility and alarm conflicts, avoiding incompatibility and enhancing confrontation capabilities.

Active Publication Date: 2015-10-14
三六零数字安全科技集团有限公司

AI Technical Summary

Problems solved by technology

Because the timing of the call cannot be actively controlled, one security product may intercept the passively triggered request of another security product while a handle is being closed, which causes alarm conflicts. This type of interference is also one of the root causes of incompatibility between security software.
In addition, security software encounters similar problems when it engages in kernel-level attack and defense against driver-level malicious programs.
[0005] Therefore, a technical problem urgently needing to be solved by those skilled in the art is to propose a processing mechanism for file handle closing operations that intercepts and controls the closing process of file handles, enhances the ability to contend with driver-level malicious programs, and avoids potential incompatibilities between security software caused by interference with handle closing operations.


Embodiment Construction

[0069] In order to make the above objects, features and advantages of the present invention more clearly understood, the present invention will be described in further detail below with reference to the accompanying drawings and specific embodiments.

[0070] In order to make those skilled in the art better understand the present invention, the handle is briefly introduced below.

[0071] The handle is the basis of all Windows programming. A handle is a unique integer value, four bytes long (on 32-bit operating systems) or eight bytes long (on 64-bit operating systems), used to identify different objects in an application and different instances of the same kind of object, such as a window, button, icon, scroll bar, output device, control or file. The application can access information about the corresponding object through its handle. However, the handle is not a pointer, and the program cannot use its handle to directly read th...


Abstract

The invention provides a method and a device for a file handle closing operation. The method comprises the following steps: acquiring a file handle closing request initiated by a caller, wherein the request comprises information on the handle to be closed; if the current operating system platform is supported, acquiring information on the object to be closed according to the handle information; when the object to be closed has a corresponding new object type, replacing the original object type of the object with the new object type; invoking the Native API (application program interface) of the handle closing routine, extracting a callback routine from the new object type, and invoking the callback routine; and building an I/O (input/output) request packet inside the callback routine and sending it to the lower-level device of the file system, which completes the file handle closing operation. The method and device can enhance the ability to contend with driver-level malicious programs and avoid potential incompatibility between security software caused by interference with handle closing operations.
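The sequence in the abstract, as an added user-space model that is not code from the patent or its owner: every type, constant and function name below is hypothetical, and no Windows kernel structure or API is used. It shows that the close path is resolved through the object's type, so the callback that builds the request packet is whichever one that type carries.

```c
#include <stddef.h>
#include <stdint.h>
/* User-space model only: all names are hypothetical, not Windows structures or APIs. */
enum { MODEL_IRP_CLOSE = 1, MAX_HANDLES = 8 };
typedef struct { int major; void *file_object; } model_irp;
typedef struct { int closes_seen; } lower_device;
struct object;
typedef int (*close_cb)(struct object *obj, lower_device *dev);
typedef struct { const char *name; close_cb on_close; } object_type;
typedef struct object { object_type *type; int open; } object;

static object *handle_table[MAX_HANDLES];   /* a handle is an index, never a pointer */

/* Lower device: completes the close when it receives the request packet. */
static int lower_dispatch(lower_device *dev, model_irp *irp) {
    if (irp->major != MODEL_IRP_CLOSE) return -1;
    ((object *)irp->file_object)->open = 0;
    dev->closes_seen++;
    return 0;
}

/* Callback carried by the replacement type: build the packet, send it down. */
static int new_type_close(object *obj, lower_device *dev) {
    model_irp irp = { MODEL_IRP_CLOSE, obj };
    return lower_dispatch(dev, &irp);
}
static object_type original_type = { "File", NULL };
static object_type new_type      = { "File(new)", new_type_close };

/* Steps from the abstract: check platform, resolve handle, swap type, call callback. */
static int close_file_handle(uintptr_t h, int platform_supported, lower_device *dev) {
    if (!platform_supported || h >= (uintptr_t)MAX_HANDLES || !handle_table[h]) return -1;
    object *obj = handle_table[h];
    if (obj->type == &original_type) obj->type = &new_type;  /* a new type exists */
    if (!obj->type->on_close) return -1;
    int rc = obj->type->on_close(obj, dev);   /* callback extracted from the new type */
    if (rc == 0) handle_table[h] = NULL;      /* the handle slot is released */
    return rc;
}

/* Constructed scenario: returns 0 when the close went through the new type. */
static int demo(void) {
    object file = { &original_type, 1 };
    lower_device dev = { 0 };
    handle_table[3] = &file;
    if (close_file_handle(3, 1, &dev) != 0) return 1;
    if (close_file_handle(3, 1, &dev) == 0) return 2;   /* stale handle is rejected */
    return (file.type == &new_type && !file.open && dev.closes_seen == 1) ? 0 : 3;
}
int main(void) { return demo(); }
```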

Description

Technical field

[0001] The present invention relates to the technical field of operating system security processing, and in particular to a method for closing a file handle and a device for closing a file handle.

Background technique

[0002] When faced with complex problems, people often use the divide-and-conquer method to divide and narrow the scope of the problem. This is also true in the design of operating systems. The Windows operating system solves complex problems with the help of layered design. This approach brings advantages such as portability and scalability. However, due to security flaws in the design theory (such as the lack of an integrity verification mechanism), high scalability also means that the system can be tampered with in a large number of ways.

[0003] Compared with the active behaviors of file creation, opening, reading and writing, setting, and deleting, the file handle closing operation (CloseHandle) in Windows operati...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F9/44, G06F21/55
Inventor: 王宇, 潘剑锋
Owner: 三六零数字安全科技集团有限公司