Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for protecting operation system, and electronic device

An operating system and hook technology, applied in the direction of platform integrity maintenance, etc., can solve the problems of user data damage, low security, low security protection efficiency of Windows operating system, etc., to improve security protection efficiency, enhance security, prevent The effect of being shut down or restarted

Inactive Publication Date: 2016-08-10
ZHUHAI BAOQU TECH CO LTD
View PDF5 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] But the method for preventing the operating system from being maliciously shut down or restarted, because the function of the shutdown function ExitWindows function or ExitWindowsEx function corresponding to the kernel is NtShutdownSystem, therefore, when the application layer process calls the ExitWindows function or ExitWindowsEx function to close and restart the operating system, the ExitWindows function Or the ExitWindowsEx function needs to call the kernel NtShutdownSystem function to shut down and restart the operating system, so that the function that actually completes the shutdown and restart of the operating system is the kernel NtShutdownSystem function, so that malicious applications can directly call the kernel NtShutdownSystem function to achieve malicious operations on the operating system Shutdown or restart operation, resulting in user data not being stored in time and being damaged, cannot effectively prevent malicious shutdown or restart of the operating system, resulting in low security protection efficiency and low security of the Windows operating system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for protecting operation system, and electronic device
  • Method and device for protecting operation system, and electronic device
  • Method and device for protecting operation system, and electronic device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0055] Embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0056] It should be clear that the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0057] figure 1 It is a schematic flowchart of a method for protecting an operating system according to an embodiment of the present invention. see figure 1 , the method includes:

[0058] Step 11, when the hook function pre-injected into the kernel layer detects that the application layer process calls the operating system shutdown or restart function, hook the operating system shutdown or restart function;

[0059] In this step, the malicious operation of the operating system includes: the operating system is ma...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a method and device for protecting an operation system, and an electronic device. The method comprises: hooking an operation system shutdown or restart function when a hook function pre-injected into an inner nuclear layer monitors that an application layer process invokes an operation system shutdown or restart function; acquiring process path information of the application layer process invoking the operation system shutdown or restart function, and extracting an application program mapped with the process path information; and refusing a shutdown or restart request of the application program if the acquired application program is the same as any one application program in a preset application program characteristic database. By applying the method and device and the electronic device, safety protection efficiency of the operation system can be improved.

Description

technical field [0001] The invention relates to computer network security technology, in particular to a method, device and electronic equipment for protecting an operating system. Background technique [0002] With the gradual disclosure of the technical details of the kernel layer of the Windows operating system, more and more malicious applications such as Trojan horses have begun to use kernel layer drivers to protect their own processes. The processes of malicious applications protected by kernel layer drivers can be End (kill) other processes in the Windows operating system, so that the malicious application process can maliciously attack the user's process or system process according to the intention of the malicious application provider, which may cause the computer to run unstable, or even Bring very large economic losses to users, for example, maliciously shut down or restart the computer system, thereby destroying the computer user system and causing user data to ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/52
CPCG06F21/52
Inventor 杨峰
Owner ZHUHAI BAOQU TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com