Supercharge Your Innovation With Domain-Expert AI Agents!

Ransomware detection method and device, electronic equipment and storage medium

A software detection and electronic device technology, applied in the field of network security, can solve problems such as lack of versatility and system performance impact, and achieve the effect of less memory usage and less system performance impact

Pending Publication Date: 2020-04-24
HARBIN ANTIY TECH
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The embodiment of the present invention provides a ransomware detection method, device, electronic equipment, and storage medium, which are used to solve the problem of detecting ransomware in the prior art by using a feature detection method, which is not universal, and uses a method of detecting and intercepting API calls , issues that have an impact on system performance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Ransomware detection method and device, electronic equipment and storage medium
  • Ransomware detection method and device, electronic equipment and storage medium
  • Ransomware detection method and device, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] Ransomware has been very active in recent years, seriously threatening the data security of computer users. The general working process of ransomware is: obtain the basic information of the host; enumerate and close the specified process of the current system; traverse the disk, encrypt the specified type of file; display the ransom information. Due to the system's own security mechanism, files opened in the exclusive mode of a certain process cannot be read and written by others, and such occupied files are often files with high value in the current system, so the ransomware will perform encryption operations Before, enumerate the system processes and close the specified processes. Based on this, embodiments of the present invention provide a ransomware detection method, device, electronic equipment, and storage medium.

[0024] The specific implementations of a ransomware detection method, device, electronic equipment, and storage medium provided in the embodiments o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides a ransomware detection method and a device, electronic equipment and a storage medium, and aims at solving the problems that in the prior art, a feature detection method is adopted for detecting ransomware, universality is not achieved, and a method for detecting and intercepting API calling is adopted, so that system performance is affected. The method comprises the following steps: constructing a false process information list; the Hook enumerates all APIs required by the process and the ending process of the current system; if the API of the enumeration process is called, normally calling the API, and adding corresponding false process information into return information of the API; and if the API of the ending process is called, judging whetherthe information of the API operation object is in false process information, if yes, further judging whether the API caller is a known normal program, and if not, judging that ransomware exists in thecurrent system.

Description

technical field [0001] The present invention relates to the technical field of network security, in particular to a ransomware detection method, device, electronic equipment and storage medium. Background technique [0002] With the development and popularization of computer technology, computer applications have fully penetrated into people's work and life, and have become an indispensable important tool and home entertainment equipment for people. With the widespread use of computers, corresponding computer security issues will also arise, and ransomware is a way to threaten computer security. Ransomware is a popular Trojan horse that makes users' data assets or computing resources unusable by means of harassment, intimidation, or even kidnapping of user files, and extorts money from users on this condition. Such user data assets include documents, emails, databases, source codes, pictures, compressed files and other files. The ransom comes in real money, Bitcoin or othe...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56H04L29/06
CPCG06F21/566H04L63/145
Inventor 李柏松曹鑫磊刘佳男
Owner HARBIN ANTIY TECH
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com