Method and device for monitoring executable program

A technology for executing programs and programs, applied in the field of monitoring executable programs, can solve the problem of inability to detect and intercept malicious code, and achieve the effect of getting rid of the dependence of malicious code features, ensuring security, and timely killing and intercepting

Inactive Publication Date: 2014-10-29
ZHUHAI JUNTIAN ELECTRONICS TECH
View PDF7 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, in the process of realizing the present invention, the inventors found that the prior art has at least the following problems: the above-mentioned method mainly relies on the characteristics of the obtained malicious code, so there is a hysteresis, and the malicious code cannot be detected and intercepted in time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for monitoring executable program
  • Method and device for monitoring executable program
  • Method and device for monitoring executable program

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0014] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary and are intended to explain the present invention and should not be construed as limiting the present invention.

[0015] The method and device for monitoring an executable program according to the embodiments of the present invention will be described below with reference to the accompanying drawings.

[0016] figure 1 is a flow chart of an executable program monitoring method according to an embodiment of the present invention.

[0017] Such as figure 1 As shown, the monitoring methods of executable programs include:

[0018] S101. Determine an executable program to be monitored.

[0019] In the embodiment of the present invention, the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and device for monitoring an executable program. The method includes the steps that the executable program to be monitored is determined; feature information of the executable program to be monitored and a file, installed on a client side, of the executable program to be monitored are acquired; according to the matching result of the file and the feature information, whether the executable program to be monitored is an incredible program or not is determined, and when the executable program to be monitored is the incredible program, the executable program to be monitored is intercepted. The feature information of the executable program to be monitored and the file, installed on the client side, of the executable program to be monitored are acquired, according to the matching result of the file and the feature information, it is determined that the executable program to be monitored is the incredible program, and then the executable program to be monitored is intercepted, dependence on malicious code features is removed, the incredible program can be searched for, killed and intercepted, and security of user information is effectively guaranteed.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a method and device for monitoring an executable program. Background technique [0002] In recent years, makers of viruses and malicious codes have begun to evade detection by existing security software by exploiting a loophole in legitimate software. The specific principle is as follows: a software is generally composed of an executable program body (exe file) and a dependent file (dll file). The exe file will dynamically load the dll file after startup, and execute the functions exported in the dll. Due to the lack of security awareness and some inherent technical defects, program designers generally do not verify whether the loaded dll has been tampered with or replaced. The creators of viruses and malicious codes can change the names of the exe files of the software to confusing names such as game accelerators, modifiers, gadgets, etc., and then package them tog...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/50
CPCG06F21/51G06F21/562
Inventor 赵昱陶智飞帅磊
Owner ZHUHAI JUNTIAN ELECTRONICS TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap