Terminal registry security protection method and system based on windows driving technology

A security protection and registry technology, applied in computer security devices, platform integrity maintenance, instruments, etc., can solve problems such as failure to protect the registry, untimely protection of illegal host behavior, and inability to restrict malicious programs from modifying the registry. Timely interception to meet real-time effects

Active Publication Date: 2022-08-02
国家工业信息安全发展研究中心
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] There are many traditional methods of protecting the registry, such as the method of periodically detecting whether the registry changes, but this method cannot detect changes in the registry in time, resulting in untimely protection of illegal host behaviors
For example, by capturing the mouse and keyboard events that the user modifies the registry on the interface, but this method cannot restrict malicious programs from modifying the registry by calling the windows system API
Another example is the method of manually backing up the registry. This method cannot protect the registry, but is only a remedial measure after the registry is found to be damaged.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Terminal registry security protection method and system based on windows driving technology
  • Terminal registry security protection method and system based on windows driving technology
  • Terminal registry security protection method and system based on windows driving technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] The embodiments described below with reference to the accompanying drawings are exemplary and are only used to explain the present invention, but not to be construed as a limitation of the present invention.

[0045] Embodiment of the present invention: as figure 1 As shown, a terminal registry security protection method based on windows driving technology is disclosed, including the following steps:

[0046] Capture registry request change instructions sent by the operating system;

[0047] Determine whether the registry requested to be changed is the registry in the registry protection policy to be protected;

[0048] Intercept the change operation and control the agent component to send a prompt message to the user when the requested registry is the registry to be protected in the registry protection policy.

[0049] The operating system receives the request for changing the registry operation and sends the request to the receiving unit of the driver component, and...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a terminal registry security protection method and a protection system based on windows driving technology, wherein the protection method comprises the following steps: capturing a registry request modification instruction sent by an operating system. Determine whether the registry requested to be changed is the registry in the registry protection policy to be protected. Intercept the change operation and control the agent component to send a prompt message to the user when the requested registry is the registry to be protected in the registry protection policy. The terminal registry security protection method based on the windows driving technology proposed by the invention adopts the windows operating system driving mode to protect the specified registry path and all subkeys from being tampered with and deleted. Real-time detection and timely interception can be achieved by means of windows operating system driving, and all tampering operations can be avoided and monitored, thereby realizing the real-time, effectiveness and convenience of registry protection.

Description

technical field [0001] The invention relates to the technical field of registry security protection, in particular to a terminal registry security protection method and protection system based on windows driving technology. Background technique [0002] The registry is a core database in the windows operating system, which stores various parameters, directly controls the startup of windows, the loading of hardware drivers, and the running of some windows applications, thus playing a central role in the entire system. [0003] Registry corruption may cause application software to run abnormally, driver loading failures, or, more seriously, cause the system to fail to boot, which may also lead to serious network security risks. Some Trojan horses and viruses achieve the purpose of hiding themselves or destroying their behavior by writing to the registry, effectively protecting the registry of the host for terminal applications, operating systems, network security, behavior det...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/51G06F21/55G06F21/56
CPCG06F21/51G06F21/554G06F21/566
Inventor 郭娴杨佳宁陈柯宁杨立宝
Owner 国家工业信息安全发展研究中心
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap