Method and device for actively defending rogue program

A malicious program and active defense technology, applied in the direction of platform integrity maintenance, etc., can solve the problems that the anti-killing method of malicious programs cannot be prevented, and the signature database generation and update virus lag, etc., to reduce the scope of interception and reduce the probability of inspection , the effect of improving operating efficiency

Active Publication Date: 2013-05-01
BEIJING QIHOO TECH CO LTD
View PDF4 Cites 36 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the number of malicious programs in the world is growing geometrically. Based on this explosive growth rate, the generation and update of signature database

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for actively defending rogue program
  • Method and device for actively defending rogue program
  • Method and device for actively defending rogue program

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0072] Hereinafter, exemplary embodiments of the present disclosure will be described in more detail with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure can be implemented in various forms and should not be limited by the embodiments set forth herein. On the contrary, these embodiments are provided to enable a more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0073] See figure 1 , Shows a structural diagram of an apparatus for actively defending malicious programs according to an embodiment of the present invention. The device 100 may be located in a separate physical device, or in a device to be protected, for example, as a security detection module for a terminal such as a PC (personal computer) to actively defend against malicious programs, and there is no part...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the field of computer network safety and discloses a method and a device for actively defending a rogue program. The method comprises the following steps of: when to-be-protected equipment creates a process, judging whether a created process has risk or not according to process files related to the created process, if yes, intercepting an operation of loading DLL (Dynamic Link Library) files of the process by the created process, and recording the DLL files into the process information of an internal memory; and after the to-be-protected equipment starts the process, if the operated executed by the process is a dangerous operation, detecting whether the recorded DLL files of the process are safe or not, if the recorded DLL files are unsafe, preventing the to-be-protected equipment from executing the operation of the process. The method and the device can be used for solving the technical problem that the rogue program packs rogue DLL files and trusty white programs together, when the white programs are executed, the rogue DLL files are loaded, and thus the active defense is broken through.

Description

Technical field [0001] The invention relates to the field of computer network security, in particular to a method and device for actively defending malicious programs. Background technique [0002] Malicious program is a general term that refers to any program deliberately created to perform unauthorized and usually harmful behavior. Malicious programs can include viruses, Trojan horses, malicious scripts, malicious plug-ins, malicious review software, or malware. Computer viruses, backdoor programs, keyloggers, password stealers, Word and Excel macro viruses, boot sector viruses, script viruses, Trojan horses, criminal programs, spyware, and advertising programs are all examples of malicious programs. [0003] In the prior art, the anti-kill of malicious programs mainly relies on the feature library mode. The signature database is composed of signature codes of malicious program samples collected by anti-virus product providers, and the signature is the difference between the le...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
Inventor 张晓霖董杰
Owner BEIJING QIHOO TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap