Supercharge Your Innovation With Domain-Expert AI Agents!

Ransomware defense method and device, storage medium, processor and host

A software and host technology, applied in the field of network security, can solve the problem of high implementation difficulty of ransomware defense methods, and achieve the effects of low implementation difficulty, prevention of proliferation, and simple deployment

Active Publication Date: 2020-08-28
HILLSTONE NETWORKS CO LTD
View PDF17 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The main purpose of this application is to provide a ransomware defense method, device, storage medium, processor, and host to solve the problem of high difficulty in implementing ransomware defense methods in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Ransomware defense method and device, storage medium, processor and host
  • Ransomware defense method and device, storage medium, processor and host
  • Ransomware defense method and device, storage medium, processor and host

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0070] Such as image 3 As shown, in the application scenario of the ransomware defense method of this embodiment, the user host is connected to the security device through communication, the user host and the security device are respectively connected to the network device, and the security device is a BDS security device, wherein the user host includes file monitoring module and ransomware, the above-mentioned file monitoring module is a sysmon tool, the security device is a BDS security device, and the security device includes a log receiving module, an analysis module, a network device linkage module and a user notification module.

[0071] The steps of the above-mentioned setting to execute the defense method of ransomware are as follows: the user host monitors the file operation behavior of the software under test to generate a monitoring log, and sends the monitoring log to the security device, and the log receiving module of the security device receives the monitoring l...

Embodiment 2

[0073] Such as Figure 4 As shown, in the application scenario of the ransomware defense method of this embodiment, the user host is connected to the security device through communication, the user host and the security device are respectively connected to the network device, and the security device is a BDS security device, wherein the user host includes file monitoring module, ransomware and analysis module, the above-mentioned file monitoring module is a sysmon tool, the security device is a BDS security device, and the security device includes a threat information receiving module, a network device linkage module and a user notification module.

[0074] The steps of the above-mentioned setting to execute the defense method of ransomware are as follows: the user host monitors the file operation behavior of the software under test to generate a monitoring log, and sends the monitoring log to the analysis module, and the analysis module analyzes the file operation behavior of ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a ransomware defense method and device, a storage medium, a processor and a host. The ransomware defense method comprises the steps of acquiringa monitoring log of tested software, wherein the monitoring log is used for recording a first file name and a second file name, the first file name is the name of a file created by the tested software, and the second file name is thename of a deleted file of the tested software; obtaining the number of the first file names and the number of the second file names within a preset time; determining whether the tested software is ransomware or not according to the first file names, the second file names, the number of the first file names and the number of the second file names; and if the tested software is ransomware, blockingthe network connection of the host invaded by the ransomware. Compared with the technical scheme of deeply intervening in the user environment and establishing the protected storage area in the priorart, the defense method is low in implementation difficulty, simple in deployment and suitable for a network security scheme.

Description

technical field [0001] The present application relates to the technical field of network security, in particular, to a ransomware defense method, device, storage medium, processor and host. Background technique [0002] Ransomware is a type of malicious code that invades hosts and performs destructive behaviors such as file encryption and original file deletion. After the user's important files are encrypted, ransomware developers will ask for a high ransom, and the encrypted data will not be restored until the ransom is received. [0003] Ransomware is often contagious. If there is a security hole in the intranet host, it is easy to cause ransomware to spread from one compromised host to the entire network, resulting in the destruction of a large number of hosts. Timely detection of ransomware, alerting users, and isolating ransomware-infected hosts to avoid large-scale spread of ransomware are important needs of users in the network security field. [0004] Partially en...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F21/56
CPCH04L63/1425H04L63/1441H04L63/145G06F21/562G06F2221/033
Inventor 王博赵烨王镜清杨升邱丽丽
Owner HILLSTONE NETWORKS CO LTD
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com