Process behavior control method and device

A process and behavior technology, applied in the direction of multi-program installation, platform integrity maintenance, etc., can solve problems such as system stuck and achieve the effect of ensuring stability
CN102890641AActive Publication Date: 2013-01-23BEIJING QIHOO TECH CO LTD +1
7 Cites 16 Cited by

Patent Information

Authority / Receiving Office
CN ยท China
Current Assignee / Owner
BEIJING QIHOO TECH CO LTD
Publication Date
2013-01-23

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a process behavior control method and a process behavior control device. The method comprises the following steps that: when detecting a keyboard input or key input behavior, an underlying driver intercepts the calling of a callback function by a message hook, wherein the message hook is associated with a process for triggering the current keyboard input or key input behavior; the underlying driver sends information of the process associated with the message hook to an application layer; the underlying driver stops or allows the behavior triggered by the process associated with the message hook; the application layer judges whether the behavior triggered by the corresponding process is stopped or allowed or not according to the information of the process associated with the message hook, and informs the underlying driver of a judgment result; and the underlying driver performs the corresponding operation of stopping or allowing the behavior triggered by the corresponding process according to the judgment result of the application layer. By the method and the device, the calling of the callback function by the message hook can be intercepted, and the stability of a system is ensured.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The present invention relates to the field of computer equipment security, in particular to a process behavior control method, a process behavior control device, and a process behavior control bottom drive system. Background technique

[0002] The wide application of Windows operating system makes it become the operating system most severely attacked by malicious software, and its security issues have become the focus of attention of users and computer security researchers.

[0003] Malware refers to viruses, worms, and Trojan horses that perform malicious tasks on computer systems. The most commonly used implementation technology of malware is hook technology. By using hook technology, malware can change the normal execution path of the operating system, thereby destroying the system or stealing user information.

[0004] At present, a commonly used protection method is to realize the protection design for malicious software by detecting hooks under ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More