Terminal registry security protection method and system based on Windows driver technology

A security protection and registry technology, applied in computer security devices, platform integrity maintenance, instruments, etc. It addresses problems such as failure to protect the registry, untimely protection against illegal host behavior, and the inability to restrict malicious programs from modifying the registry, and achieves timely interception with real-time effect.

Active Publication Date: 2021-01-12
国家工业信息安全发展研究中心

AI Technical Summary

Problems solved by technology

[0004] There are many traditional methods of protecting the registry. One is to periodically check whether the registry has changed, but this method cannot detect changes in time, so protection against illegal host behavior comes too late.
Another is to capture the mouse and keyboard events with which the user modifies the registry through the interface, but this method cannot restrict malicious programs from modifying the registry by calling the Windows system API.
A third is to manually back up the registry. This method cannot protect the registry; it is only a remedial measure after the registry is found to be damaged.

Examples


Embodiment Construction

[0044] The embodiments described below by referring to the figures are exemplary only for explaining the present invention and should not be construed as limiting the present invention.

[0045] In an embodiment of the present invention, as shown in Figure 1, a terminal registry security protection method based on Windows driver technology is disclosed, comprising the following steps:

[0046] Capture the registry change request instruction sent by the operating system;

[0047] Determine whether the registry entry requested to be changed is one listed in the protection policy of registry entries to be protected;

[0048] When the registry entry requested to be changed is in the registry protection policy, intercept the change operation and control the proxy component to send prompt information to the user.

[0049] The operating system receives the registry change request and sends the request to the receiving unit of the driver component, ...
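The decision step in [0047] and [0048], as an added example in portable C that is not taken from the patent: it models only the policy check a driver would run on each captured request, since the page does not say which kernel interface the driver uses. The operation names, the `decide` function and the two policy paths are hypothetical and constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical operation kinds and verdicts; not from the patent. */
typedef enum { OP_QUERY, OP_SET_VALUE, OP_DELETE_VALUE, OP_DELETE_KEY } reg_op;
typedef enum { ALLOW, BLOCK_AND_NOTIFY } verdict;

/* Constructed sample policy: each root protects itself and all sub-keys. */
static const char *const policy[] = {
    "\\REGISTRY\\MACHINE\\SOFTWARE\\ExampleAgent",
    "\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services\\ExampleSvc\\",
};

/* Length of a path with trailing backslashes ignored. */
static size_t trimmed_len(const char *s) {
    size_t n = strlen(s);
    while (n > 0 && s[n - 1] == '\\') n--;
    return n;
}

/* True if key equals root or lies below it. Key names compare
   case-insensitively, and the match must end on a component boundary
   so that ...\ExampleAgentX is not taken for a child of ...\ExampleAgent. */
static int under_root(const char *key, const char *root) {
    size_t rl = trimmed_len(root), kl = trimmed_len(key);
    if (kl < rl) return 0;
    for (size_t i = 0; i < rl; i++)
        if (tolower((unsigned char)key[i]) != tolower((unsigned char)root[i]))
            return 0;
    return kl == rl || key[rl] == '\\';
}

/* Reads pass through; any change under a protected root is blocked and
   the caller is told to have the agent component prompt the user. */
verdict decide(reg_op op, const char *key) {
    if (op == OP_QUERY) return ALLOW;
    for (size_t i = 0; i < sizeof policy / sizeof policy[0]; i++)
        if (under_root(key, policy[i])) return BLOCK_AND_NOTIFY;
    return ALLOW;
}

int main(void) {
    const char *k = "\\Registry\\Machine\\Software\\exampleagent\\Config";
    printf("%s -> %s\n", k,
           decide(OP_SET_VALUE, k) == ALLOW ? "allow" : "block+notify");
    return 0;
}
```

The boundary check in `under_root` is what keeps a sibling key with a longer name from being treated as protected, and the case folding is what keeps a differently cased path from slipping past the policy.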


Abstract

The invention discloses a terminal registry security protection method and protection system based on Windows driver technology. The protection method comprises the following steps: capturing a registry change request instruction sent by the operating system; determining whether the registry entry requested to be changed is one listed in the protection policy of registry entries to be protected; and, when it is, intercepting the change operation and controlling the proxy component to send prompt information to the user. The method uses a Windows operating system driver, and a specified registry path and all of its sub-items are protected against tampering and deletion. Because a Windows operating system driver can detect changes in real time, interception is timely, all tampering operations can be prevented and monitored, and registry protection is real-time, effective and convenient.

Description

Technical field

[0001] The invention relates to the technical field of registry security protection, in particular to a terminal registry security protection method and protection system based on Windows driver technology.

Background technique

[0002] The registry is a core database in the Windows operating system. It stores various parameters and directly controls the startup of Windows, the loading of hardware drivers, and the operation of some Windows applications, thus playing a central role in the entire system.

[0003] Registry damage may lead to abnormal operation of application software, failure to load drivers and, more seriously, failure of the system to start, and may also lead to serious network security risks. Some Trojan horses and viruses hide themselves or carry out destructive behavior by writing to the registry, effectively protecting the registry of the host computer for terminal applications, operating systems, network security, behavior dete...


Application Information

Patent Type & Authority: Applications (China)
IPC (8): G06F21/51, G06F21/55, G06F21/56
CPC: G06F21/51, G06F21/554, G06F21/566
Inventor: 郭娴杨佳宁陈柯宁杨立宝
Owner: 国家工业信息安全发展研究中心