Anti-vulnerability-exploitation method and system

A vulnerability and process technology, which is applied in the field of vulnerability prevention method and system, can solve the problems of high maintenance cost, user property security threat, failure to detect overflow vulnerabilities in time, and achieve the effect of ensuring stability and enhancing rapid response ability

Active Publication Date: 2014-12-17
ZHUHAI BAOQU TECH CO LTD
View PDF4 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Hackers mainly use some overflow vulnerabilities in office word to attack users. Since this kind of attack is launched through clever overflow vulnerabilities constructed in word documents, and point-to-point attacks are realized by transmitting word files, it is difficult to kill software by scanning such vulnerabilities Once the vulnerability is detected, it will pose a great threat to the user's property security once it is successfully executed.
[0003] Some existing antivirus software such as Kaspersky have some static scanning schemes about vulnerabilities, which are designed for specific vulnerabilities. They can detect the characteristics in word documents to determine whether vulnerabilities are being exploited. Although this method is aimed at However, due to the variability of vulnerabilities, the maintenance cost is relatively high, and new overflow vulnerabilities cannot be detected in time.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Anti-vulnerability-exploitation method and system
  • Anti-vulnerability-exploitation method and system
  • Anti-vulnerability-exploitation method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.

[0037] The present invention mainly detects whether the loophole is running or not based on some abnormalities generated by some methods and characteristics in the exploiting process of the loophole. Once these abnormalities are detected, the loophole will be prevented from running. This feature is not aimed at a specific loophole, so it is universal , as long as the vulnerabilities using similar methods can be detected.

[0038] In this embodiment, the present invention is described in detail by taking the process to be protected as an office word process and the vulnerabilities to be intercepted as some overflow vulnerabilities of office word as an example.

[0039] Such as figure 1 As shown, a vulnerability prevention method includes the following steps:

[0040] Step S1, injecting the vulnerability protection module into the process to be...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an anti-vulnerability-exploitation method and system, belongs to the technical field of network security and aims to solve the problems of high maintenance cost and incapability of detecting new overflow vulnerabilities in time in the conventional vulnerability scanning scheme. The method comprises the following steps: injecting a vulnerability protection module into a process to be protected; detecting vulnerabilities by using the vulnerability protection module; intercepting vulnerabilities when running of the vulnerabilities is detected. By adopting the method and the system disclosed by the invention, the vulnerabilities can be detected in time during running of the vulnerabilities, and the vulnerabilities are prevented from running continually.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a method and system for preventing exploitation of loopholes. Background technique [0002] As Microsoft stops technical support for the XP system, XP system users will also face attacks from various vulnerabilities, among which there are many office software vulnerabilities, and they are extremely harmful. An overflow vulnerability is a correctable defect of a computer program. The full name of an overflow vulnerability is a buffer overflow vulnerability, because it is an error code that is executed in the buffer when the program is executed, so it is called a buffer overflow vulnerability. Hackers mainly use some overflow vulnerabilities in office word to attack users. Since this kind of attack is launched through clever overflow vulnerabilities constructed in word documents, and point-to-point attacks are realized by transmitting word files, it is difficul...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/52G06F21/57
CPCG06F21/52G06F21/577
Inventor 张韬刘桂峰姚辉
Owner ZHUHAI BAOQU TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap