Ransomware defense method and device
A technology of software and software encryption, which is applied in the field of information security, can solve the problems of no solution proposed, the inability to detect unknown ransomware, and the inability to prevent it, so as to achieve the effect of defending against ransomware
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Example Embodiment
[0014] Example 1
[0015] According to the embodiments of the present invention, a method embodiment of a ransomware defense method is provided. It should be noted that the steps shown in the flowchart of the accompanying drawings can be executed in a computer system such as a set of computer executable instructions, and Although the logical sequence is shown in the flowchart, in some cases, the steps shown or described may be performed in a different order than here.
[0016] figure 1 Is a ransomware defense method according to an embodiment of the present invention, such as figure 1 As shown, the method includes the following steps:
[0017] In step S102, at least one trap folder conforming to the ransomware encryption type is constructed in the disk.
[0018] Specifically, the suffixes or file formats of the files in the trap folder constructed to comply with the ransomware encryption type include but are not limited to the following types:
[0019] 1cd,dbf,dt,cf,cfu,mxl,epf,kdbx,er...
Example Embodiment
[0058] Example 2
[0059] According to an embodiment of the present invention, a product embodiment of a ransomware defense device is provided, figure 2 Is a ransomware defense device according to an embodiment of the present invention, such as figure 2 As shown, the device includes a building module, a determining module, and a processing module. The building module is used to build at least one trap folder in the disk that meets the encryption type of the ransomware; the determining module is used to determine whether the trap folder has changed , Where the changes include at least one of the following: modify, delete, and rename the trap folder and add new files to the trap folder; the processing module is used to prohibit the execution of presets on the disk when the trap folder changes operating.
[0060] It should be noted here that the above-mentioned construction module, determination module, and processing module correspond to steps S102 to S106 in Embodiment 1. The ab...
Example Embodiment
[0072] Example 3
[0073] According to an embodiment of the present invention, a storage medium is provided, the storage medium includes a stored program, wherein the device where the storage medium is located is controlled to execute the above-mentioned ransomware defense method when the program is running.
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap