Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for application process monitoring

A technology of application process and loading program, which is applied in the field of communication, can solve problems such as application performance impact, troubles, and user use, and achieve the effects of high application performance, accurate prevention, and prevention of injection behavior

Active Publication Date: 2020-06-05
TENCENT TECH (SHENZHEN) CO LTD
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] 1. Through continuous detection to determine whether the application process is being debugged by malicious software, once it is found to be debugged, it will exit immediately, and the user cannot know the real reason for the application process exit in time, resulting in some application processes that are upgraded by loading programs and cannot be used normally. , causing troubles to users;
[0005] 2. Creating a daemon process attached to the application process requires an additional daemon process, which has a certain impact on application performance, and if the daemon process is killed, there will be no way to prevent it from being attached by malware
[0006] In related technologies, there is no effective solution for the above problems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for application process monitoring
  • Method and device for application process monitoring
  • Method and device for application process monitoring

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] In order to make the objectives, technical solutions and advantages of the present invention clearer, the following further describes the present invention in detail with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present invention, but not to limit the present invention.

[0030] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by those skilled in the technical field of the present invention. The terms used in the specification of the present invention herein are only for the purpose of describing specific embodiments, and are not intended to limit the present invention. The term "and / or" as used herein includes any and all combinations of one or more related listed items.

[0031] The application process monitoring method provided by the embodiment of the present invention can be applied to fi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

An application process monitoring method comprises the steps of acquiring an application process start instruction, calling a dynamic-link library opening function according to the application process start instruction, determining whether the application process contains a loading program according to the dynamic-link library opening function, determining whether the loading program is a dangerous loading program when the application program contains the loading program, and if the loading program is a dangerous loading program, blocking the application program and returning a failure. The invention further provides an application process monitoring apparatus. When the application process is started, whether the application process is attached and whether the attached program is a dangerous loading program are determined; when the application process contains an attached program, immediate quit is not directly conducted; only when a dangerous loading program is loaded to the application process, the corresponding application process is blocked and failures are returned, so more accurate risk prevention is provided; and the great application performance is achieved, and injection behaviors of malicious software can be effectively prevented.

Description

Technical field [0001] The present invention relates to the field of communication technology, and in particular to a method and device for monitoring application processes. Background technique [0002] Code injection is a commonly used technology for malware such as plug-ins and viruses. Malware dynamically injects executable files containing malicious behavior into third-party application processes to run, achieving the effect of tampering, stealing data and destroying third-party application processes. Common third-party application processes such as banking, online shopping, payment, and games are often easily targeted by this type of malware. [0003] Generally, the process of injecting code into an application process consists of two steps. The first step is to attach the malware to the target application process to make it in a debuggable state, and the second step is to send a debugging command to the target application process to load it. Executable code for malicious be...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/51
CPCG06F21/51
Inventor 彭威王庆黄泽丰陈奋刘星星黄学钿庄灿杰
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com