Ransomware defense method and system

A software and operating system technology, applied in the direction of instrument and platform integrity maintenance, digital data protection, etc., can solve problems such as loss, and achieve the effect of ensuring zero loss, protecting data and property safety, and reducing system consumption

Active Publication Date: 2018-02-23
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF4 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In May 2017, WannaCry, which used the SMB remote arbitrary code execution vulnerability to spread, swept the world and caused huge losses.
Existing ransomware detection methods have problems to varying degrees, especially in terms of accuracy and real-time performance, the shortcomings are very obvious

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Ransomware defense method and system
  • Ransomware defense method and system
  • Ransomware defense method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the purpose, features and advantages of the present invention more obvious and easy to understand, the technical core of the present invention will be further described in detail below in conjunction with the accompanying drawings and examples instruction of.

[0036] In the present invention, a set of reliable and effective ransomware defense system is designed, which can effectively solve the above-mentioned existing problems, and the system includes as follows:

[0037] Such as figure 1 As shown, it is a schematic diagram of the module composition of the system. The system is divided into five modules, which are the honeydocs generation module (that is, the fraudulent data generation module), the API global mount module, the process fraudulent module, and the honeydocs monitoring module (that is, the fraudulent data monitor...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a ransomware defense method and system. The method comprises the following steps that 1, overall hooking is performed on an API which must be called by ransomware in the kernel mode or the user mode of an operation system; 2, finite segment cheating data is generated and deployed; 3, when a process is subjected to file traversal operation, a certain amount of cheating datais inserted into the traversal result and returned back to the process so as to cheat the process; 4, when the API obtained after overall hooking finds that the process operates the cheating data, whether the cheating data is abnormally changes or not is monitored so that whether the process is a malicious act of the ransomware or not is determined; 5, if the process is the malicious act of the ransomware, the process is ended and the user is informed. Under the condition of low consumption and zero loss, real-time detection and termination can be performed on the process of the ransomware, and users' and enterprises' data and property safety are protected.

Description

technical field [0001] The invention relates to the field of computer network security, and is aimed at ransomware, especially a defense system for encrypted ransomware, and more specifically, a method and system for defending ransomware using deception. Background technique [0002] Ransomware is a type of malware designed to extort money. It appeared in 1989. In recent years, with the emergence and popularization of Bitcoin technology, ransomware has risen and become a network security problem that cannot be ignored. [0003] The modes of transmission are diverse. Most ransomware invades user systems through social engineering methods, such as phishing emails, phishing websites, and watering hole attacks. In April 2016, there appeared ransomware SamSam that exploited system vulnerabilities to spread. In May 2017, WannaCry, which used the SMB remote arbitrary code execution vulnerability to spread, swept the world and caused huge losses. It is foreseeable that there may...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/62
CPCG06F21/566G06F21/6218
Inventor 刘潮歌冯云崔翔刘奇旭
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap