Unlock instant, AI-driven research and patent intelligence for your innovation.

Ransomware protection method and device, electronic equipment and storage medium

A technology of electronic equipment and software, applied in the field of information security, can solve the problem of low ransomware protection ability

Active Publication Date: 2018-01-09
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF5 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention provides a ransomware protection method, device, electronic equipment and storage medium to solve the problem of low protection against ransomware in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Ransomware protection method and device, electronic equipment and storage medium
  • Ransomware protection method and device, electronic equipment and storage medium
  • Ransomware protection method and device, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0058] figure 1 A schematic diagram of a ransomware protection process provided by an embodiment of the present invention, the process includes the following steps:

[0059] S101: If it is monitored that a process in the system modifies the file, record information about the modification operation performed by the process on the file in a modification operation file, and save the recording time of the information in the modification operation file.

[0060] The ransomware protection method provided by the embodiment of the present invention is applied to electronic equipment, and the electronic equipment can be a desktop computer, a portable computer, a smart phone, a tablet computer, a personal digital assistant (Personal Digital Assistant, PDA), a network side device, etc. System and electronic devices that store files that can be modified.

[0061] The operating systems installed on different electronic devices can be the same or different. For example, the operating syste...

Embodiment 2

[0079] In order to improve protection efficiency, on the basis of the above embodiments, in the embodiment of the present invention, after the process is determined to be a ransomware process, the method further includes:

[0080] Save the process as a ransomware process into a blacklist of ransomware processes;

[0081] Before recording information about the modification operation performed by the process on the file into the modification operation file, the method further includes:

[0082] Judging whether the information of the process is stored in the ransomware process blacklist;

[0083] If so, blocking the process from modifying the file;

[0084] If not, proceed to the next step.

[0085] If it is determined that a certain process is a ransomware process, the process is saved as a ransomware process in the blacklist of ransomware processes. When the blacklist of ransomware processes is saved in the electronic device, if there is a file modification operation by the ...

Embodiment 3

[0090] In order to further improve the protection capability, on the basis of the above-mentioned embodiments, in the embodiment of the present invention, the recording of the modification operation information performed by the process on the file in the modification operation file includes:

[0091] According to the type of the modification operation, the information of the modification operation corresponding to the type of the modification operation is recorded in the modification operation file.

[0092] The electronic device saves the information of the modification operation performed on the file by the saving process, and after the process is determined to be a ransomware process, the file modified by the process can be restored, which further improves the protection capability.

[0093] When the electronic device records the information of the modification operation performed by the process on the file, the recorded information can be the same or different for different...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a ransomware protection method and device, electronic equipment and a storage medium. The method comprises the following steps of: if the fact that a modification operation iscarried out on a file by a process in a system is monitored by the electronic equipment, recording information of the modification operation carried out on the file by the process into a modificationoperation file, and storing a recording time of the information in the modification operation file; judging whether the process is a ransomware process or not according to each piece of information, corresponding to the process, of a first target modification operation in a set first record time length before the recording time in the modification operation file; and if the judging result is positive, stopping the process to modify the file. According to the method and device, the protection ability aiming at ransomware can be effectively improved.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to a ransomware protection method, device, electronic equipment and storage medium. Background technique [0002] Ransomware is a type of computer malware that usually spreads through e-mails and Trojan horse viruses, infects electronic devices such as users' computers or mobile phones, and uses a variety of complex encryption algorithms or modifies users' files after infection. A combination of these methods is used to encrypt the user's file, so that the user cannot access the file normally, and thus ask the user for a ransom for restoring the file. The target of ransomware is usually the user's personal data, including documents, databases, source code, pictures, videos, etc., and the ransom currency is usually Bitcoin. Ransomware has exploded on a large scale in recent years, and millions of people have become victims of ransomware. Once user data is encry...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55G06F21/56
Inventor 樊宇陈寒冰刘文辉叶晓虎
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD