ETW-based file operation monitoring method in a WPD

A file operation monitoring technology, applied in hardware monitoring, instruments, electrical digital data processing, etc., to prevent leaks, avoid compatibility problems, and avoid blue screen problems.

Pending Publication Date: 2019-04-12
NANJING FUJITSU NANDA SOFTWARE TECH

AI Technical Summary

Problems solved by technology

Therefore, for WPDs such as mobile phones and digital cameras, file operations cannot be recorded and monitored through conventional file filter drivers.

Embodiment Construction

[0049] The following description and drawings illustrate specific embodiments of the invention sufficiently to enable those skilled in the art to practice them. Other embodiments may incorporate structural, logical, electrical, process, and other changes. The examples merely represent possible variations. Individual components and functions are optional unless explicitly required, and the order of operations may vary. Portions and features of some embodiments may be included in or substituted for those of other embodiments. The scope of embodiments of the present invention includes the full scope of the claims, and all available equivalents of the claims.

[0050] In some illustrative examples, as shown in Figures 1 and 2, an ETW-based method for monitoring file operations in a WPD is provided, including:

[0051] 101: The main process of the processor of the WPD loads a file operation monitoring function module.

[0052] 102: The file operation monitoring function mod...

Abstract

The invention provides an ETW-based method for monitoring file operations in a WPD. In the method, a monitoring callback function for the WPD is called automatically and intercepts the operation communication logs of the relevant WPD in ETW; the WPD operation communication logs are then analyzed, and the user operation is inferred from them and output. WPD-related file operations are reverse-analyzed from a large volume of system logs, which solves the problem that files in a WPD cannot be monitored. The user's operations on files in the WPD are recorded and monitored in the background without affecting the user experience. By monitoring the user's operations on files in the WPD in real time, dangerous operations are found in time, leakage is curbed, and security is improved. By analyzing the WPD operation logs in ETW, historical operations are traced back and leak paths are uncovered. The method also does not need to be implemented through a low-level driver, which avoids compatibility problems between the driver and the system and avoids the blue screens that frequently occur when the system monitors a WPD.

Description

Technical field

[0001] The invention belongs to the technical field of data leakage prevention security in WPD, and in particular relates to an ETW-based file operation monitoring method in WPD.

Background technique

[0002] In data leakage prevention security technology, monitoring, tracking, and recording the user's file data operations on the system's hard disk and various removable devices makes it possible to detect the user's high-risk operations in time and to issue an alarm before a leakage event occurs, curbing the leakage event. At the same time, by sorting out user operation data and looking back at historical activities, leak channels can be discovered.

[0003] Operations on Windows Portable Devices (WPD) are currently based on the Media Transfer Protocol (MTP) and the Picture Transfer Protocol (PTP), which control files through object IDs to realize file operations, and common files The opera...
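The reverse analysis described in the abstract and in [0003], as an added example that is not code from the patent: MTP addresses files by object ID, so the analyzer has to learn ID-to-name mappings from ObjectInfo traffic and pair multi-step operations before it can report a user action. The record fields (`pid`, `opcode`, `handle`, `name`) and the sample events are constructed assumptions standing in for decoded ETW records; the operation codes are the standard PTP/MTP ones.

```python
from collections import namedtuple

# Standard PTP/MTP operation codes.
GET_OBJECT_INFO, GET_OBJECT, DELETE_OBJECT = 0x1008, 0x1009, 0x100B
SEND_OBJECT_INFO, SEND_OBJECT = 0x100C, 0x100D

UserOp = namedtuple("UserOp", "action name pid")

def reconstruct(events):
    """Infer user file operations from decoded WPD/MTP log records.

    Each record is a dict with hypothetical fields: pid, opcode, and
    optionally handle (MTP object ID) and name (from ObjectInfo data).
    """
    names = {}     # object ID -> file name learned from ObjectInfo traffic
    pending = {}   # pid -> name announced by SendObjectInfo, not yet sent
    ops = []
    for e in events:
        op, pid, h = e["opcode"], e["pid"], e.get("handle")
        # Fall back to the raw object ID when no name was ever observed.
        label = names.get(h) or (f"<object {h:#x}>" if h is not None else "<unknown>")
        if op == GET_OBJECT_INFO:
            names[h] = e["name"]          # browsing noise: remember, report nothing
        elif op == SEND_OBJECT_INFO:
            names[h] = pending[pid] = e["name"]
        elif op == SEND_OBJECT:           # data phase of a host -> device write
            ops.append(UserOp("copy_to_device", pending.pop(pid, "<unknown>"), pid))
        elif op == GET_OBJECT:            # device -> host read
            ops.append(UserOp("copy_from_device", label, pid))
        elif op == DELETE_OBJECT:
            names.pop(h, None)
            ops.append(UserOp("delete_on_device", label, pid))
    return ops

SAMPLE = [  # constructed records, not real ETW output
    {"pid": 4120, "opcode": 0x1008, "handle": 0x2A, "name": "IMG_0001.JPG"},
    {"pid": 4120, "opcode": 0x1008, "handle": 0x2B, "name": "IMG_0002.JPG"},
    {"pid": 4120, "opcode": 0x1009, "handle": 0x2A},
    {"pid": 4120, "opcode": 0x100C, "handle": 0x30, "name": "design_spec.docx"},
    {"pid": 4120, "opcode": 0x100D},
    {"pid": 4120, "opcode": 0x100B, "handle": 0x2B},
    {"pid": 4120, "opcode": 0x1009, "handle": 0x99},   # name never observed
    {"pid": 5000, "opcode": 0x100C, "handle": 0x31, "name": "aborted.zip"},
]

if __name__ == "__main__":
    for user_op in reconstruct(SAMPLE):
        print(user_op)
```

The last sample record announces a file with SendObjectInfo but never sends it, so no write is reported for it.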

Application Information

IPC(8): G06F11/34, G06F21/62
CPC: G06F11/3438, G06F21/6209
Inventor 余湛王申豪刘杰林翠平
Owner NANJING FUJITSU NANDA SOFTWARE TECH