Terminal security protection method and system based on uefi and winpe

Abstract

The invention provides a terminal security precaution method and system based on a unified extensible firmware interface and a WinPE (Windows Preinstallation Environment), which comprises the steps ofexecuting remote data access to access to data on a remote server; executing identity authentication, and performing identity authentication with the remote server; executing kernel file protection,and carrying out integrity check and recovery on core files; executing malicious code detection; and executing third-party security software detection. A security protection module is developed basedon the UEFI and WinPE so as to perform security protection on an operating system of a user as soon as the computer is powered on until the user successfully enters the operating system. The precaution process is carried out before the operating system is loaded, malicious codes relying on the operating system are checked and killed before the operation, and thus the malicious codes cannot pose athreat to the precaution system, thereby achieving a purpose of preemption, and being capable of realizing real malicious code precaution.

Description

technical field [0001] The present invention relates to a method in the technical field of Internet information security, specifically a security protection method based on Unified Extensible Firmware Interface (UEFI, Unified Extensible Firmware Interface) and Windows Preinstallation Environment (WinPE, Windows Preinstallation Environment). Background technique [0002] With the continuous development of network applications and e-commerce, the security problems of computer systems have become increasingly prominent. The existing computer systems and their security protection methods obviously cannot meet the security needs of applications, and people begin to search for a comprehensive and thorough security solution from the perspective of computer architecture. The trusted platform specification drafted by TCG (Trusted Computing Group) is one of the good ideas, which has been recognized by most security researchers. UEFI is a new computer firmware interface standard propo...

AI Technical Summary

Problems solved by technology

At present, it is far from enough to rely solely on the antivirus software running on the operating system to prevent malicious codes. Typical problems include: some malicious codes will be loaded into the system before security software, giving priority to control the system; some malicious codes are parasitic in the core In service, security software cannot effectively clear it

Based on the unified extensible interface, this method realizes the malicious code protection function loaded before the operating system, but the detection and removal of malicious code, especially the protection function of the currently popular kernel-level malicious code is not perfect enough.

Images