Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Application process monitoring method and apparatus

A technology of application process and loading program, which is applied in the field of communication, can solve problems such as application performance impact, user use, troubles, etc., and achieve the effects of preventing injection behavior, high application performance, and accurate prevention

Active Publication Date: 2017-11-07
TENCENT TECH (SHENZHEN) CO LTD
View PDF8 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] 1. Through continuous detection to determine whether the application process is being debugged by malicious software, once it is found to be debugged, it will exit immediately, and the user cannot know the real reason for the application process exit in time, resulting in some application processes that are upgraded by loading programs and cannot be used normally. , causing troubles to users;
[0005] 2. Creating a daemon process attached to the application process requires an additional daemon process, which has a certain impact on application performance, and if the daemon process is killed, there will be no way to prevent it from being attached by malware
[0006] In related technologies, there is no effective solution for the above problems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Application process monitoring method and apparatus
  • Application process monitoring method and apparatus
  • Application process monitoring method and apparatus

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0030] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the technical field of the invention. The terms used herein in the description of the present invention are for the purpose of describing specific embodiments only, and are not intended to limit the present invention. As used herein, the term "and / or" includes any and all combinations of one or more of the associated listed items.

[0031] The application process monitoring method provided by the embodiment of the present invention can be applied ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

An application process monitoring method comprises the steps of acquiring an application process start instruction, calling a dynamic-link library opening function according to the application process start instruction, determining whether the application process contains a loading program according to the dynamic-link library opening function, determining whether the loading program is a dangerous loading program when the application program contains the loading program, and if the loading program is a dangerous loading program, blocking the application program and returning a failure. The invention further provides an application process monitoring apparatus. When the application process is started, whether the application process is attached and whether the attached program is a dangerous loading program are determined; when the application process contains an attached program, immediate quit is not directly conducted; only when a dangerous loading program is loaded to the application process, the corresponding application process is blocked and failures are returned, so more accurate risk prevention is provided; and the great application performance is achieved, and injection behaviors of malicious software can be effectively prevented.

Description

technical field [0001] The invention relates to the field of communication technology, in particular to a method and device for monitoring an application process. Background technique [0002] Code injection is a commonly used technique for malicious software such as plug-ins and viruses. Malware dynamically injects executable files containing malicious behavior into third-party application processes to run, tampering, stealing data, and destroying third-party application processes. Common third-party application processes such as banking, online shopping, payment, and games are often easy targets for this type of malware. [0003] Usually, the process of code injection into an application process includes two steps. The first step is to attach malware to the target application process to make it in a debuggable state. The second step is to send a debugging command to the target application process to make it load the Executable code for malicious behavior. Correspondingly...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/51
CPCG06F21/51
Inventor 彭威王庆黄泽丰陈奋刘星星黄学钿庄灿杰
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com