Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method, device and electronic equipment for processing thread registration

A technology for processing threads and threads, which is applied in the field of information security and can solve the problems of low operating system security protection efficiency.

Active Publication Date: 2019-04-09
ZHUHAI BAOQU TECH CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of this, the embodiments of the present invention provide a method, device, and electronic device for processing thread registration, which can improve the security protection efficiency of the operating system, so as to solve the problem that in the existing method for processing thread registration, the kernel NtUserCallTwoParam function can be called directly To register the target thread as a system thread, the security protection efficiency of the operating system is low

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method, device and electronic equipment for processing thread registration
  • A method, device and electronic equipment for processing thread registration
  • A method, device and electronic equipment for processing thread registration

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] Embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0052] It should be clear that the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0053] figure 1 It is a schematic flow diagram of a method for processing thread registration in Embodiment 1 of the present invention, as figure 1 As shown, the method of this embodiment may include:

[0054] Step 101, when the pre-injected hook function detects that the kernel driver level user callback two-parameter function is called, hook the kernel driver level user callback two-parameter function;

[0055] In this embodiment, as an optional embodiment, the kernel driver level user callback function with two ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a processing thread register method and device and an electronic device and relates to the technology of information safety. Safety protection efficiency can be improved. The method includes the steps that when a pre-injected hook function monitors that a kernel drive-stage user callback double-parameter function is called, the function is hooked; current operation system version information is obtained, and function index number information transmitted by the function is called; if the current operation system version information and the transmitted function index number information are matched with an operation system version information / function index number information set mapped by a preset system thread, process information for calling the kernel drive-stage user callback double-parameter function is obtained; if an obtained application mapped by the process information is the same with any to-be-intercepted application in a preset to-be-intercepted application feature library, calling of the kernel drive-stage user callback double-parameter function is refused. The processing thread register method is suitable for processing thread register.

Description

technical field [0001] The invention relates to information security technology, in particular to a method, device and electronic equipment for processing thread registration. Background technique [0002] With the gradual disclosure of the technical details of the kernel layer of the operating system, more and more malicious applications (APP, Application) such as Trojan horses have begun to use kernel layer drivers to protect their own processes or threads. Malicious applications protected by kernel layer drivers The process or thread of the application program can manipulate the application program corresponding to other processes or threads in the operating system, so that the process of the malicious application program can conduct malicious attacks on other processes or threads according to the intention of the malicious application program provider, which may cause The operation of the computer is unstable, and even the leakage of user information is caused. For exam...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56G06F21/55
CPCG06F21/554G06F21/566
Inventor 杨峰
Owner ZHUHAI BAOQU TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com