Process behavior control method and device

A process and behavior technology, applied in the direction of multi-program installation, platform integrity maintenance, etc., can solve problems such as system stuck and achieve the effect of ensuring stability

Active Publication Date: 2013-01-23
BEIJING QIHOO TECH CO LTD +1
View PDF7 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The hook under the Windows operating system completes the callback to the system by calling the callback function. Th

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Process behavior control method and device
  • Process behavior control method and device
  • Process behavior control method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0062] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0063] One of the core ideas of the embodiment of the present invention is to perform special processing when intercepting the call of the callback function caused by the message hook, that is, when the message that needs to be processed by the application layer is intercepted, the underlying driver directly releases (or blocks) and then notifies Application layer processing, or, after notifying the application layer, if the applica...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a process behavior control method and a process behavior control device. The method comprises the following steps that: when detecting a keyboard input or key input behavior, an underlying driver intercepts the calling of a callback function by a message hook, wherein the message hook is associated with a process for triggering the current keyboard input or key input behavior; the underlying driver sends information of the process associated with the message hook to an application layer; the underlying driver stops or allows the behavior triggered by the process associated with the message hook; the application layer judges whether the behavior triggered by the corresponding process is stopped or allowed or not according to the information of the process associated with the message hook, and informs the underlying driver of a judgment result; and the underlying driver performs the corresponding operation of stopping or allowing the behavior triggered by the corresponding process according to the judgment result of the application layer. By the method and the device, the calling of the callback function by the message hook can be intercepted, and the stability of a system is ensured.

Description

technical field [0001] The present invention relates to the field of computer equipment security, in particular to a process behavior control method, a process behavior control device, and a process behavior control bottom drive system. Background technique [0002] The wide application of Windows operating system makes it become the operating system most severely attacked by malicious software, and its security issues have become the focus of attention of users and computer security researchers. [0003] Malware refers to viruses, worms, and Trojan horses that perform malicious tasks on computer systems. The most commonly used implementation technology of malware is hook technology. By using hook technology, malware can change the normal execution path of the operating system, thereby destroying the system or stealing user information. [0004] At present, a commonly used protection method is to realize the protection design for malicious software by detecting hooks under ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F9/46G06F21/52
Inventor 董杰张晓霖
Owner BEIJING QIHOO TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap