Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

File macro virus immunization method and device

A macro virus and file technology, applied in the direction of platform integrity maintenance, etc., can solve problems such as inability to immunize viruses, low immunization efficiency, and difficulty in identification

Active Publication Date: 2013-03-27
三六零数字安全科技集团有限公司
View PDF2 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Because the macro virus is hidden in the data file, and the script syntax it uses is flexible and changeable, there are many ways to write a function, so it is very difficult to identify whether a file has a macro virus
[0004] In the prior art, a file macro virus immunization method adopts the method of occupying pits. Specifically, if a certain macro virus is found to release a file with a specific name, a new folder with the same name is created, and the Windows file and folder with the same name are used to create a new folder with the same name. Prevent the spread of macro viruses in a way that cannot coexist; this method can only immunize specific and existing macro viruses, but not new and unknown viruses, so the immune efficiency is not high
[0005] Another kind of file macro virus immunity method in the prior art prohibits all macro functions of Office by disabling all macro methods; this method will affect the files that normally need to use macro functions

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • File macro virus immunization method and device
  • File macro virus immunization method and device
  • File macro virus immunization method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0076] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0077] refer to figure 1 , which shows a flow chart of a file macro virus immunization method according to an embodiment of the present invention, which may specifically include:

[0078] Step 101, intercepting the file behavior request of the Office process;

[0079] The interface to developers exposed under Windows is called API (Application Programming Interface, Application Programming Interface). Various application layer app...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a file macro virus immunization method and device. The device comprises a request intercepting and capturing module, a request analyzing module, a macro virus judging module, a first processing module and a second processing module, wherein the request intercepting and capturing module is applicable to interception and capture of a file behavior request of an Office progress; the request analyzing module is suitable for analyzing the file behavior request to obtain information of a corresponding file behavior; the macro virus judging module is suitable for judging whether a file behavior is a macro virus behavior or not; the first processing module is suitable for allowing the file behavior request when the Office progress modifies the macro virus behavior of a template file; the second processing module is suitable for stopping the file behavior request in other macro virus behaviors; the request analyzing module is suitable for analyzing parameters of an application program interface (API) to obtain information of the corresponding file behavior; and the information of the file behavior at least comprises one or more of the following information: a file path, a behavior name, a sharing manner and a file attribute. According to the file macro virus immunization method and device disclosed by the invention, an immunization range of the macro viruses can be provided and the immunization efficiency of the macro viruses is improved.

Description

technical field [0001] The invention relates to the technical field of computer security, in particular to a file macro virus immunization method and device. Background technique [0002] A macro virus is a computer virus that resides in the macros of a document or template. Once such a document is opened, the macros in it are executed, and the macro virus is activated, transferred to the computer, and resides on the template. From then on, all autosaved documents will be "infected" with this macro virus, and if another user opens the infected document, the macro virus will be transferred to his computer. [0003] Because the macro virus is hidden in the data file, and the script syntax it uses is flexible, there are many ways to write a function, so it is very difficult to identify whether a file has a macro virus. [0004] In the prior art, a file macro virus immunization method adopts the method of occupying pits. Specifically, if a certain macro virus is found to relea...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56
Inventor 禹建文
Owner 三六零数字安全科技集团有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com