Ransomware defense method and device

A technology of software and software encryption, which is applied in the field of information security, can solve the problems of no solution proposed, the inability to detect unknown ransomware, and the inability to prevent it, so as to achieve the effect of defending against ransomware

Inactive Publication Date: 2017-07-14
福建平实科技有限公司
View PDF6 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The defense scheme for ransomware in the prior art is mainly to discover known ransomware by means of antivirus engine scanning features; Use the samples in the virus database to compare all the programs or files in the machine to see if they match these samples. If it is, it is a virus, otherwise it is not necessarily a virus (because there are still many that have not been discovered or have just been detected. generated virus), but since the virus library of the antivirus engine is known and the collected samples are generated by extracting features, it is impossible to prevent unknown samples that have not been collected, and the scheme based on this principle cannot detect Unknown ransomware; and because the virus database is obtained

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Ransomware defense method and device
  • Ransomware defense method and device

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0014] Example 1

[0015] According to the embodiments of the present invention, a method embodiment of a ransomware defense method is provided. It should be noted that the steps shown in the flowchart of the accompanying drawings can be executed in a computer system such as a set of computer executable instructions, and Although the logical sequence is shown in the flowchart, in some cases, the steps shown or described may be performed in a different order than here.

[0016] figure 1 Is a ransomware defense method according to an embodiment of the present invention, such as figure 1 As shown, the method includes the following steps:

[0017] In step S102, at least one trap folder conforming to the ransomware encryption type is constructed in the disk.

[0018] Specifically, the suffixes or file formats of the files in the trap folder constructed to comply with the ransomware encryption type include but are not limited to the following types:

[0019] 1cd,dbf,dt,cf,cfu,mxl,epf,kdbx,er...

Example Embodiment

[0058] Example 2

[0059] According to an embodiment of the present invention, a product embodiment of a ransomware defense device is provided, figure 2 Is a ransomware defense device according to an embodiment of the present invention, such as figure 2 As shown, the device includes a building module, a determining module, and a processing module. The building module is used to build at least one trap folder in the disk that meets the encryption type of the ransomware; the determining module is used to determine whether the trap folder has changed , Where the changes include at least one of the following: modify, delete, and rename the trap folder and add new files to the trap folder; the processing module is used to prohibit the execution of presets on the disk when the trap folder changes operating.

[0060] It should be noted here that the above-mentioned construction module, determination module, and processing module correspond to steps S102 to S106 in Embodiment 1. The ab...

Example Embodiment

[0072] Example 3

[0073] According to an embodiment of the present invention, a storage medium is provided, the storage medium includes a stored program, wherein the device where the storage medium is located is controlled to execute the above-mentioned ransomware defense method when the program is running.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a ransomware defense method and device. The method comprises the following steps: creating at least one trap folder fitting ransomware encryption type in a magnetic disc; determining whether the trap folder changes, wherein the change includes at least one of the followings: modifying, deleting and renaming the trap folder, and adding a new file into the trap folder; and inhibiting to performing default operation on the magnetic disc in case that the trap folder changes. With the adoption of the ransomware defense method and device, the technical problem that an existing ransomware defense scheme in the prior art is too weak to defense known or unknown ransomware can be solved.

Description

technical field [0001] The present invention relates to the field of information security, in particular to a ransomware defense method and device. Background technique [0002] Ransomware is a type of malicious software used by hackers to hijack user assets or resources and extort money from users on the condition of this. Ransomware usually encrypts documents, emails, databases, source codes, pictures, compressed files and other files on the user's system in some form to make them unusable, or interferes with the normal use of users by modifying system configuration files. The systematic method reduces the availability of the system, and then sends a blackmail notice to the user through pop-up windows, dialog boxes, or text files, requiring the user to transfer money to the designated account to obtain the password for decrypting the file or obtain the method to restore the normal operation of the system. [0003] The defense scheme for ransomware in the prior art is main...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
CPCG06F21/56G06F21/568
Inventor 倪茂志
Owner 福建平实科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap