Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for processing extortion software in operation of virtual machine under cloud platform

A processing method and virtual machine technology, applied in the field of network security, can solve problems such as lag and low processing efficiency

Active Publication Date: 2019-01-15
ALIBABA GRP HLDG LTD
View PDF13 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The embodiment of the present application provides a method for processing ransomware while the virtual machine is running on the cloud platform, to at least solve the problem that the existing process startup processing method is a technology that lags behind in processing through a blacklist, resulting in low processing efficiency question

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for processing extortion software in operation of virtual machine under cloud platform
  • Method for processing extortion software in operation of virtual machine under cloud platform
  • Method for processing extortion software in operation of virtual machine under cloud platform

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0032] According to the embodiment of the present application, an embodiment of a method for processing ransomware when a virtual machine is running on a cloud platform is provided. Instructions are executed in a computer system and, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0033] figure 1 It is a flow chart of a method for processing ransomware when a virtual machine is running on a cloud platform according to an embodiment of the present application, as shown in figure 1 As shown, the method for processing ransomware during the operation of the virtual machine under the cloud platform includes the following steps:

[0034] In step S102, the first client acquires a process running in the virtual machine to be started and first process information corresponding to the process.

[0035] Specifically, the above-mentioned first client may be a cli...

Embodiment 2

[0083] According to the embodiment of the present application, an embodiment of a process startup processing system is also provided, such as figure 2 As shown, the system includes:

[0084] The first client 202 is configured to acquire a process to be started and first process information corresponding to the process.

[0085] Specifically, the above-mentioned first client may be a client that requires ransomware defense, such as a computer terminal or a computer terminal with a virtual machine installed, or a smart phone (including: Android phone and IOS phone), tablet Computers, notebook computers, handheld computers and other mobile terminals; the above-mentioned first process information may include: the file information and attribute information of the binary file corresponding to the process, the file information may be information such as the name and content of the binary file, and the attribute information may be binary Information such as the storage location of t...

Embodiment 3

[0116] According to an embodiment of the present application, an embodiment of a processing method for process startup is also provided. It should be noted that the steps shown in the flow charts of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, Also, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0117] The embodiment of the method for killing ransomware provided by the present application can be applied to public clouds in the Internet field (for example, Baidu Cloud, Tencent Cloud, Alibaba Cloud, etc.), and some relatively large network sites (for example, commercial companies, search engines, or government departments, etc.) to defend against ransomware.

[0118] The method embodiment provided in Embodiment 1 of the present application may be executed in a mobile terminal, a compute...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present application discloses a method for processing extortion software in the operation of a virtual machine under a cloud platform. The method comprises the following steps: a first client obtains a process to be started running in a virtual machine, and first process information corresponding to the process; the first client uploads the first process information to the server correspondingto the cloud platform, and receives the matching result returned by the server, wherein, the matching result is used to characterize whether the first process information matches the preset white list or not; if the match result is a match failure, the first client sends the first process information to the second client, and obtains the authorization information returned by the second client. Ifthe authorization information is Disable Startup, the first client disables startup of the process. The present application solves the technical problem that the prior processing method of process startup is that the processing is delayed by blacklisting, and the processing efficiency is low.

Description

technical field [0001] The present application relates to the field of network security, and in particular, relates to a method for processing ransomware during the operation of a virtual machine under a cloud platform. Background technique [0002] With the development of Internet technology, the network has become an indispensable part of people's life and work. Internet users can obtain massive amounts of information through computer networks, and communicate and exchange with other users conveniently, realizing the sharing of information resources. However, the rapid development of computer network technology has made the network environment more and more complex, and network security issues have become increasingly prominent. Ransomware is one of the fastest-growing network threats in recent years. [0003] Ransomware usually encrypts documents, emails, databases, source codes, pictures, compressed files and other files on the user's system in some form to make them un...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56G06F21/44G06F9/455
CPCG06F9/45558G06F21/44G06F21/566G06F2009/45587
Inventor 董斌雁
Owner ALIBABA GRP HLDG LTD