Method and device for actively defending against malicious programs

A malicious-program active defense technology, applied to platform integrity maintenance and related areas. It addresses the problems that signature database generation and updating lag behind new viruses and that signature-based detection and removal therefore cannot stop unknown malicious programs. Its effects are a reduced scope of interception, a reduced probability of inspection, and improved operating efficiency.

Active Publication Date: 2015-12-02
BEIJING QIHOO TECH CO LTD

AI Technical Summary

Problems solved by technology

However, the number of malicious programs in the world is growing geometrically. Because of this explosive growth rate, the generation and updating of signature databases usually lag behind the generation of viruses, so detection-and-removal methods fail to stop the unknown malicious programs that are constantly being generated.


Examples


Embodiment Construction

[0072] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0073] Referring to Figure 1, a structural diagram of an apparatus for actively defending against malicious programs according to an embodiment of the present invention is shown. The apparatus 100 may be located in a separate physical device or in the device to be protected, for example as a security detection module that actively defends terminals such as a PC (personal computer) against malicious programs, and there is no special limitatio...


Abstract

The invention relates to the field of computer network security and discloses a method and a device for actively defending against a rogue program. The method comprises the following steps: when the to-be-protected equipment creates a process, judging whether the created process is risky according to the process files related to it; if it is, intercepting the created process's operation of loading DLL (Dynamic Link Library) files and recording those DLL files in the process information held in memory; and, after the to-be-protected equipment starts the process, if an operation executed by the process is a dangerous operation, detecting whether the recorded DLL files of the process are safe, and if they are unsafe, preventing the to-be-protected equipment from executing that operation of the process. The method and the device address the technical problem that a rogue program packs rogue DLL files together with trusted white programs so that, when the white programs are executed, the rogue DLL files are loaded and the active defense is broken through.
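The three steps of the abstract, modelled as a small event-driven monitor. This is an added example, not code from the patent or from the applicant: the risk heuristic (files under user-writable paths), the set of dangerous operations, the digest verdict store and all event names are assumptions made for illustration, and the sample events are constructed.

```python
from dataclasses import dataclass, field

# Assumptions for this sketch (none of these come from the patent text):
USER_WRITABLE = ("\\temp\\", "\\downloads\\", "\\appdata\\")  # risk heuristic
DANGEROUS_OPS = {"set_autorun_key", "write_system_file"}       # "dangerous operation" set
KNOWN_SAFE_DIGESTS = {"d1a0", "77fe"}                          # constructed verdict store

@dataclass
class ProcessInfo:
    exe: str
    risky: bool
    dlls: list = field(default_factory=list)  # (path, digest) recorded at load time

class ActiveDefense:
    def __init__(self):
        self.procs = {}      # pid -> ProcessInfo: the in-memory process information
        self.dll_checks = 0  # number of DLL verdict lookups actually performed

    def on_process_create(self, pid, exe, process_files):
        # Step 1: judge risk from the files related to the created process.
        paths = [exe, *process_files]
        risky = any(m in p.lower() for p in paths for m in USER_WRITABLE)
        self.procs[pid] = ProcessInfo(exe, risky)
        return risky

    def on_dll_load(self, pid, path, digest):
        # Step 2: only DLL loads made by risky processes are intercepted and recorded.
        info = self.procs[pid]
        if info.risky:
            info.dlls.append((path, digest))

    def on_operation(self, pid, op):
        # Step 3: recorded DLLs are inspected only when a dangerous operation occurs.
        if op not in DANGEROUS_OPS:
            return True
        for _path, digest in self.procs[pid].dlls:
            self.dll_checks += 1
            if digest not in KNOWN_SAFE_DIGESTS:
                return False  # an unsafe DLL was recorded: block this operation
        return True

def demo():
    d = ActiveDefense()  # constructed events: one installed app, one bundled "white" tool
    d.on_process_create(1, r"C:\Program Files\Vendor\app.exe", [])
    d.on_dll_load(1, r"C:\Program Files\Vendor\ui.dll", "d1a0")
    pkg = r"C:\Users\u\Downloads\pkg"
    d.on_process_create(2, pkg + r"\signed_tool.exe", [pkg + r"\helper.dll"])
    d.on_dll_load(2, pkg + r"\helper.dll", "ffff")
    verdicts = [d.on_operation(1, "set_autorun_key"),
                d.on_operation(2, "read_config"),
                d.on_operation(2, "set_autorun_key")]
    return verdicts, d.dll_checks
```

The `dll_checks` counter shows the efficiency claim: DLL loads by non-risky processes are never recorded, and a recorded DLL is looked up only when its process attempts a dangerous operation.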

Description

Technical field

[0001] The invention relates to the field of computer network security, in particular to a method and device for actively defending against malicious programs.

Background technique

[0002] Malicious program is an umbrella term for any program intentionally created to perform unauthorized and often harmful acts. Malicious programs may include viruses, Trojan horses, malicious scripts, malicious plug-ins, bad review software or rogue software, etc. Computer viruses, backdoors, keyloggers, password stealers, Word and Excel macro viruses, boot sector viruses, script viruses, Trojan horses, criminal programs, spyware, and adware are examples of malicious programs.

[0003] In the prior art, detection and removal of malicious programs mainly depends on the signature database mode. The signature library is composed of signature codes of malicious program samples collected by antivirus product providers, and the signature codes are the differences between malicious program...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): G06F21/56
Inventor: 张晓霖, 董杰
Owner: BEIJING QIHOO TECH CO LTD