Unlock instant, AI-driven research and patent intelligence for your innovation.

Malicious process identification method, terminal, server, system and storage medium

A process identification and server technology, which is applied in the field of Internet communication, can solve the problems of CPU resource occupation, easy missing data, insufficient backtracking, etc., and achieve the effect of increasing resource consumption and reducing the rate of missing checks

Pending Publication Date: 2019-10-22
TENCENT TECH (SHENZHEN) CO LTD
View PDF0 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

When the frequency of data collection is not high, it is easy to miss the data of shorter processes. Therefore, the monitoring data obtained by this method is far from enough for data backtracking
If the error is reduced by increasing the frequency of data collection, it will inevitably occupy a large amount of local CPU resources, and will also occupy a large amount of network bandwidth, resulting in high resource consumption.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious process identification method, terminal, server, system and storage medium
  • Malicious process identification method, terminal, server, system and storage medium
  • Malicious process identification method, terminal, server, system and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in the present application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present application.

[0042] It should be noted that the terms "first" and "second" in the description and claims of the present application and the above drawings are used to distinguish similar objects, but not necessarily used to describe a specific sequence or sequence. It is to be understood that the data so used are interchangeable under appropriate circumstances such that the embodiments of the application described herein can be practiced in sequences other than those illustrated or des...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a malicious process identification method, a terminal, a server, a system and a storage medium, and the method comprises the steps: binding the message source information of aprocess with a socket, wherein the message source information of the process comprises the creation information of the process; based on the socket, monitoring creation information of the process; based on identification information in the monitored creation information of the process, constructing a process protocol packet, wherein the process protocol packet comprises attribute information of the process; sending the process protocol packet to a server, so that the server identifies a malicious process. By adopting the technical scheme of the invention, no matter whether the process is a long process or a short process, the process can be monitored according to the socket, and the monitoring of any short process in the terminal cannot be omitted; the malicious process recognition efficiency can be improved under the condition of low resource consumption, and the missing rate of malicious processes is reduced.

Description

technical field [0001] The present application relates to the technical field of Internet communication, and in particular to a method for identifying a malicious process, a terminal, a server, a system, and a storage medium. Background technique [0002] In the prior art, the process monitoring data of the client is packaged and then sent to the background server through the network. During this process, if the packet is intercepted by a hacker, the hacker can replay the background server by means of continuous replication, which may cause the business of the background server to collapse. Therefore, it is necessary to monitor the process, identify malicious processes and intercept them. . [0003] The existing process monitoring method monitors the process by collecting process data at different time points. When the frequency of data collection is not high, it is easy to miss the data of shorter processes. Therefore, the monitoring data obtained by this method is far fr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55G06F21/56
CPCG06F21/552G06F21/56
Inventor 林委坤董志强
Owner TENCENT TECH (SHENZHEN) CO LTD