Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method and system for defending against ransomware and secondary encryption of host files

A secondary encryption and virus technology, which is applied in the field of information security, can solve problems such as losses, irreparable operating system and host files, and inability to guarantee secondary attacks by ransomware viruses, etc., and achieve the effect of accurate defense

Active Publication Date: 2022-04-19
BEIJING ANTIY NETWORK SAFETY TECH CO LTD
View PDF12 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] At present, the mainstream ransomware virus runs immediately after entering the user's host. The encryption process has evolved from a single modification of file content to a multi-dimensional means of destruction. After the system restarts, it will cause irreparable damage to the operating system and host files
Existing defense technologies are difficult to accurately defend against this phenomenon. They can only back up their original documents, which cannot be effectively defended. There is no guarantee that the ransomware virus will not attack the host again after the system is restarted.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and system for defending against ransomware and secondary encryption of host files
  • A method and system for defending against ransomware and secondary encryption of host files
  • A method and system for defending against ransomware and secondary encryption of host files

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the above-mentioned purposes, features and advantages of the present invention more obvious and easy to understand, the technical solutions in the present invention will be further detailed below in conjunction with the accompanying drawings illustrate.

[0029] The present invention provides an embodiment of a method for preventing ransomware from re-encrypting host files, such as figure 1 shown, including:

[0030] S101: After the ransomware alarm is triggered by means of ransomware defense and dealt with, obtain information on the operation process corresponding to the ransomware, and add it to the blacklist;

[0031] S102: Correlate host environment information with the information in the blacklist, and perform in-depth cleaning of the ransomware data;

[0032] S103: After the host system restarts, start the file sensing...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a method and system for defending against ransomware secondary encryption of host files, including: after the ransomware alarm is triggered and dealt with through blackmail defense means, information on the corresponding operation process of the ransomware is obtained and added to the blackmail list; correlate host environment information with the information in the blacklist, and perform in-depth cleaning of ransomware data; after the host system restarts, start the file awareness program, and when it senses that there is a process of modifying files, it will filter the files operated by the modification process Check and match the specific operation information with the blacklist data to determine whether there is residual ransomware data in the host environment; if there is, it will be cleaned and written into the blacklist, otherwise the corresponding process will be released. The invention can accurately locate and deeply clean the remaining ransomware data in the system, and accurately defend the restarted host, so as to ensure that the operating system and host files are not damaged and modified by the ransomware again.

Description

technical field [0001] The present invention relates to the technical field of information security, and in particular to a method and system for defending against ransomware from secondary encryption of host files. Background technique [0002] At present, the mainstream ransomware virus runs immediately after entering the user's host. The encryption process has evolved from a single modification of file content to a multi-dimensional means of destruction. After the system restarts, it will cause irreparable damage to the operating system and host files. Existing defense technologies are difficult to accurately defend against this phenomenon. They can only back up the original files, but cannot achieve effective defense, and cannot guarantee that the ransomware will not attack the host again after the system is restarted. Contents of the invention [0003] The present invention proposes a defense method for restarting the operating system of the ransomware virus to encry...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/562G06F21/568
Inventor 孙洪伟徐翰隆王小丰肖新光
Owner BEIJING ANTIY NETWORK SAFETY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products