Supercharge Your Innovation With Domain-Expert AI Agents!

Method for realizing installation tracking based on file filtering driver

A file filter-driven and file-driven technology, applied in computer security devices, software deployment, instruments, etc., can solve problems such as inability to host security protection

Active Publication Date: 2020-05-29
ZHEJIANG SUPCON TECH
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention aims to overcome the problem in the prior art that security protection cannot be provided for the host when the installation package is installed, and provides a method for realizing installation tracking based on file filtering and driving that can provide security protection for the host when the installation package is installed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for realizing installation tracking based on file filtering driver
  • Method for realizing installation tracking based on file filtering driver

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0024] Embodiment: A method for realizing installation tracking based on a file filtering driver. The present invention provides security protection for the host when the installation package is installed. When the installation package needs to be installed, the operation of the whitelist is not stopped, and the installation package is authorized to release files or process and allow the released file or process to enter the running state, and update the white list to allow the installed program to run. The method comprises the following steps:

[0025] S1: The application passes the path of the installation package to the file filter driver, the application runs in user mode, and the file driver runs in kernel mode;

[0026] The operating system is divided into two levels of operation, user mode and kernel mode. User programs run in the user state, with a low level; the operating system, device drivers, etc. run in the kernel state, with a high level, running in two states m...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for realizing installation tracking based on a file filtering driver. The method comprises the following steps: S1, enabling an application program to transmit an installation package path to the file filtering driver; s2, executing the installation package by the file filtering driver, judging the executed program, and preventing the program which is not the installation package and is not in the white list from entering a running state; s3, adding processes and files released or executed by the installation package into the installation package tree, judgingeach released child node, and allowing the child node of the father node in the installation package tree to enter a running state; and S4, after the installation is finished, adding processes and files in the installation package tree into a white list. The invention provides a method for realizing installation tracking based on a file filtering driver, which can provide security protection for ahost when an installation package is installed.

Description

technical field [0001] The invention relates to the field of computer security protection, in particular to a method for realizing installation tracking based on a file filter driver. Background technique [0002] At present, in the field of industrial control security, the white list technology is commonly used to prevent the running and spreading of malware on the host, that is, the programs in the white list can run, otherwise they are blocked from running. The usual practice is to generate a white list after a full scan to ensure the security of the host, so that the host is "solidified" and only existing programs are allowed to run. But this will run into problems when the host needs to install new software or update old software. In this case, it is generally necessary to stop the whitelist protection first (otherwise the installation package and released new files will be blocked), and then install the software, and then there are two methods: one is for simple insta...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F8/61G06F21/51
CPCG06F8/61G06F21/51G06F2221/033
Inventor 章维郭正飞沈利斌邵腾飞朱希成
Owner ZHEJIANG SUPCON TECH
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com