Unlock instant, AI-driven research and patent intelligence for your innovation.

Method, device and server for defending against virus attack

A technology of viruses and virus programs, which is applied in the computer field, can solve problems such as user hazards and users' important data files cannot be directly restored, and achieve the effect of improving security

Active Publication Date: 2021-02-05
BEIJING QIHOO TECH CO LTD
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] At present, the security industry has not been able to effectively break the malicious encryption behavior of the ransomware for the time being. Once the user host is infiltrated by the ransomware, the only way to remove the ransomware behavior is to reinstall the operating system, but the user's important data files cannot be directly restored; if the user If you want to decrypt this important file, you need to pay a high ransom to the hacker before you can decrypt and restore the file, which brings great harm to users.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and server for defending against virus attack
  • Method, device and server for defending against virus attack
  • Method, device and server for defending against virus attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0141] Based on the inventive concept of the present invention, an embodiment of the present invention provides a method for defending against virus attacks, which is also used to effectively detect and kill viruses in the system kernel, and perform abnormal alerts.

[0142]The specific application scenario of the method embodiment is: a service function import and export table (SSDT, System Service Dispatch Table) designed by Microsoft in the system kernel, and the routines of the service function import and export table cover: file operation, registration Table operations, process operations, thread operations, memory operations, object operations and other functions. Various functional functions are stored in the service function import and export table, which are used to perform function calls when various functions are implemented. Usually, in addition to the functional functions, the function derivative table will also be set with one or more empty service functions. exp...

Embodiment 2

[0179] Based on the inventive concept of the present invention, the embodiment of the present invention provides a device for defending against virus attacks, which is also used to effectively detect and kill viruses in the system kernel, and perform abnormal alerts. The schematic diagram of the device is shown in Figure 4 shown, including the following units:

[0180] The first determination unit 401, the replacement unit 402 and the reminder unit 403, wherein:

[0181] The first determining unit 401 is used to determine the position of the implanted virus code in the system kernel;

[0182] A replacement unit 402, configured to replace the virus code with the defense code, so that when the defense code is executed, the virus program corresponding to the virus code cannot run;

[0183] The reminding unit 403 is used to remind the abnormality when the defense code is executed.

[0184] The specific workflow of this embodiment of the device is as follows: first, the first d...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a virus-attack defending method and device and a server. The method includes the steps that a position of a virus code implanted in a system kernel is determined; the virus code is replaced with a defending code so that a virus program corresponding to the virus code cannot operate when the defending code is carried out; when the defending code is carried out, abnormal reminding is carried out. In the virus-attack defending method and device and the server in the embodiment, the virus code is replaced, attacks of the virus code to the system kernel are stopped when the virus code is carried out, and the safety of the system kernel is improved; as the virus code is replaced with the defending code, abnormal reminding is carried out when the defending code is carried out, a user can fully carry out virus checking and killing on a target program attacked by a virus in time according to abnormal reminding, and the safety of the system kernel is further improved.

Description

technical field [0001] The present invention relates to the field of computer technology, and in particular, the present invention relates to a method, an apparatus and a server for defending against virus attacks. Background technique [0002] At present, with the continuous development of computer technology, many virus tools (for example, backdoor programs, Trojan horses, spyware, adware, etc.) use vulnerabilities in the system kernel to implant virus codes into system programs, thereby causing system paralysis and giving User operation may cause inconvenience, or lead to the leakage of user's private information, and bring hidden danger to the user's personal and property safety, and so on. [0003] For example, there is currently a large-scale ransomware infection event around the world. The event is specific: hackers use the dangerous vulnerability "EternalBlue" (EternalBlue) leaked by the NSA (National Security Agency) to spread the ransomware. In a very short period...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/56
Inventor 郑文彬潘剑锋
Owner BEIJING QIHOO TECH CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com