CN102024114B - Malicious code prevention method based on unified extensible fixed interface - Google Patents
Malicious code prevention method based on unified extensible fixed interface Download PDFInfo
- Publication number
- CN102024114B CN102024114B CN2011100084785A CN201110008478A CN102024114B CN 102024114 B CN102024114 B CN 102024114B CN 2011100084785 A CN2011100084785 A CN 2011100084785A CN 201110008478 A CN201110008478 A CN 201110008478A CN 102024114 B CN102024114 B CN 102024114B
- Authority
- CN
- China
- Prior art keywords
- malicious code
- uefi
- operating system
- inspection
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Information Transfer Between Computers (AREA)
Abstract
The invention relates to a malicious code prevention method based on a unified extensible fixed interface (UEFI), belonging to the technical field of Internet information security. The method comprises the following steps: realizing a network connection module by using a programming interface provided by the UEFI, and maintaining a malicious code feature library for malicious code check based on feature codes and program backup for data recovery on a remote server; creating a storage space on the local hard disk, storing an abstract set as the core document of integrity checking information, and clearing garbage information and configuration information of sticky data of a system; and finally, executing the malicious code prevention. By utilizing the advantages of UEFI, the invention carries out related operations before the loading of the operating system, and detects and clears the malicious codes in the UEFI environment, thereby effectively dealing with the popular inner-core malicious codes at present.
Description
Technical field
What the present invention relates to is the method in a kind of internet information safety technique field, specifically is a kind of malicious code prevention method that can expand fixed interface (UEFI) based on unification.
Background technology
Along with the continuous development of network application and ecommerce, security issues become increasingly urgent for computer system.Existing computer system and security protection means thereof obviously can not satisfy the demand of application to safety, and people begin to seek comprehensively security solution completely from Computer Architecture.The credible platform standard that TCG (Trusted Computing Group, Trusted Computing tissue) drafts is exactly one of them good idea, has obtained most of security study personnel's approval.UEFI is the brand-new computer firmware interface standard that Intel proposes, and it just progressively replaces traditional BIOS.UEFI provides an Embedded Application platform efficiently, can develop various special application as required.
It is one of difficult point of information security field that malicious code (containing traditional computer virus) is taken precautions against.Current, only relying on the antivirus software operate on the operating system, to come the preventing malice code be far from being enough, and typical problem comprises: some malicious code can be loaded into system prior to fail-safe software, priority control system; Some malicious code colonizes in the kernel service, and fail-safe software can not effectively be removed it.Existing malicious code is taken precautions against software can not handle above-mentioned situation preferably.
Retrieval through to the prior art document is found, Chinese patent document number CN101436247A, and open day 2009-5-20 has put down in writing a kind of " based on biological personal identification method and the system of UEFI ", and this technology comprises: the user's that prestores biometric code; Call shape library authenticating user identification interface; Explicit user login graphical interfaces, the prompting user imports biological identification data message; Gather user's biological identification data message; Extract eigenwert, obtain biometric code; Calling biometric code compares with the biometric code that prestores; Judge whether to be complementary; If be complementary, then authentification of user success.
And Chinese patent document number CN101587451A; Open day 2009-11-25; Put down in writing a kind of " data backup and restoration methods based on the EFI firmware are sharp "; This technology is carried out read/write operation through EFI_BLOCK_IO_PROTOCOL (piece IO interface) to hard disk sector, through EFI_FILE_PROTOCOL (file interface) file is carried out read/write operation.When receiving data backup command, boot sector data in the source partition and All Files are backed up into image file; When receiving system recovery command, boot sector in the image file and file data information are write target partition, above-mentioned technology has been carried out authentication and data backup and has been resumed work, and does not relate to the strick precaution content of malicious code.
Chinese patent document number CN101482907A; Open day 2009-07-15; Put down in writing a kind of " based on the main unit malice code behavior detection system of expert system ", this technology mainly comprises behavior trapping module, output normalization processing module, inference machine and behavior knowledge base content, uses this system and can detect the known or unknown malicious code of condition code with specific behavior; This technology is the typical representative system that present malicious code is taken precautions against; This type systematic all carries out the detection and the removing work of malicious code at operating system environment, still, but have the situation that is unable to cope with the kernel level malicious code.
Summary of the invention
The present invention is directed to the above-mentioned deficiency that prior art exists; A kind of malicious code prevention method that can expand fixed interface based on unification is provided; Utilize the advantage of UEFI; Associative operation is carried out in loading prior to operating system, in the UEFI environment, carries out malicious code and detects and remove, and can effectively tackle the kernel level malicious code of current popular.
The present invention realizes through following technical scheme, the present invention includes following steps:
The first step, the DLL that adopts UEFI to provide is realized network connecting module, safeguards the data on the remote server.Deposit two types of data on the remote server: one type is the malicious code feature database, and the malicious code inspection based on condition code is served in this storehouse; Another kind of is to be used for the program backup that data are recovered.
Described malicious code condition code is specially, and binary code string that can unique sign malicious code if an object contains this string, explains that then this object is infected by malicious code; Otherwise, then do not infected.
Program backup is used in described recovery, is specially, and the kernel program of operating system has stability and limited amount, backups to remote server to these kernel programs in advance.If this program is destroyed, can be from the remote data base down loading updating, to realize recovery.
Second step, local storage administration.The DLL that adopts UEFI to provide is created a storage space, memory integrity fox message and data scrubbing configuration information at local hard drive.Wherein integrity check info is the summary set of core document; Program is according to the junk information of data scrubbing configuration information scavenge system, obstinate data.
Described storage space is specially, and this space has UEFI to be created in local hard drive, be operating system the space that can not visit.
Described integrity checking is meant: at first the kernel program to said operating system carries out MD5 digest, and carries out detailed record to summary info, judge when the summary of summary that calculate and storage not simultaneously, this kernel program is tampered.
Described junk information is specially, the temporal data of operating system, cache file.
Described obstinate data are specially, the data that under operating system environment, can't delete.These data can be deleted under the UEFI environment.
In the 3rd step, malicious code is taken precautions against module.The concrete work that malicious code is taken precautions against is all accomplished in this module, and it mainly comprises the integrity checking and the recovery of the core document of operating system; Various data scrubbings; The inspection of trojan-horse program and removing; Operating system malice starts the inspection and the processing of item; Several work are checked and handled to malicious code based on condition code.
Described core document is meant: in the Windows operating system, and the partial document under All Files under the System catalogue and the System32 catalogue.
Described data scrubbing is specially, the junk data in the cleaning system, obstinate data.
The inspection and the removing of described trojan-horse program are meant: search the self-starting item of wooden horse at registration table, startup file place and remove according to the static nature of trojan horse program.
Inspection and processing that described operating system malice starts item are meant: whether ad-hoc location, the inspection of win.ini system file ad-hoc location at registration table have unusual startup item, when having unusual startup item, then remove automatically or the prompting user.
Described malicious code inspection and processing based on condition code is meant: whether employing condition code scanning technique identifying operation system file contains malicious code and removes, isolates or recover.
Compare with existing malicious code precautionary technology; Strick precaution process of the present invention is carried out before operating system loads; Have following beneficial effect: the malicious code that depends on operating system is off-duty still, promptly can not form this strick precaution program to threaten, and also accomplish preemptive purpose fully; Therefore, can realize real malicious code strick precaution.
The user powers up to computing machine, and computing machine gets into the UEFI environment; The second, UEEI verifies, to guarantee the integrality of self; The 3rd step was a core content of the present invention, promptly took precautions against based on the malicious code of UEFI.Handle safety verification, reparation and the malicious code removing work of operating system through the 3rd step and all accomplish, can guarantee to get into the os starting stage safely.The 4th, the loading work of beginning operating system had both begun normally to start the operating system.The 5th, the os starting success gets into normal system operational phase.If removed for the 3rd step, remaining several steps is typical UEFI start-up course.Innovation part of the present invention is, takes precautions against module to malicious code and is integrated in the UEFI environment, and before operating system loads, accomplish the core work that malicious code is taken precautions against.
Description of drawings
Fig. 1 is a schematic flow sheet of the present invention.
Fig. 2 is that embodiment disposes synoptic diagram.
Embodiment
Elaborate in the face of embodiments of the invention down, present embodiment provided detailed embodiment and concrete operating process, but protection scope of the present invention is not limited to following embodiment being to implement under the prerequisite with technical scheme of the present invention.
Embodiment
As depicted in figs. 1 and 2, present embodiment may further comprise the steps:
The first step, remote data access.The interface for network programming that adopts UEFI to provide realizes network connecting module, safeguards the data on the remote server.Deposit two types of data on the remote server: one type is the malicious code feature database, and the malicious code inspection based on condition code is served in this storehouse; Another kind of is to be used for the program backup that data are recovered.
Described UEFI interface for network programming is specially, and UEFI provides abundant procotol DLL.The present invention realizes that under the UEFI environment network connects client, connects through Socket connected mode and remote server, and safeguards the data on the remote server.
Described malicious code feature database is specially, the library file that is formed by the malicious code condition code.In order to save local storage space, this document leaves on the remote server.When the strick precaution program need be used these data, download from remote server.
The organizational form of malicious code feature database is as shown in table 1.
Table 1
Program backup is used in described recovery, is specially, and the kernel program of operating system has stability and limited amount, backups to remote server to these kernel programs in advance.If this program is destroyed, can be from the remote data base down loading updating, to realize recovery.
Recover with the organizational form of stand-by program (Qi Zhong $Sys representes the operating system installation path) as shown in table 2.
Table 2
Second step, local storage administration.The file operation DLL that adopts UEFI to provide is created a storage space, memory integrity fox message and data scrubbing configuration information at local hard drive.Wherein integrity check info is the summary set of core document; Program is removed junk information, the obstinate data of operating system of user according to the data scrubbing configuration information.
Described storage space is specially, and this space is created in local hard drive through the file operation DLL that UEFI provides.This space can only be visited by UEFI, and operating system can not directly be visited.
Described integrity checking is specially, and at first system nucleus is carried out MD5 digest, and carries out detailed record to summary info.If certain program has been distorted, the summary of its new calculating is inevitable different with the storage summary, therefore, can check the integrality of kernel program.
The storage mode of integrity checking data is as shown in table 3.
Described junk information is specially, the temporal data in the operating system, cache file.These data and file accumulative total can take the system disk space more for a long time, and the reduction system carries out efficient, even can become the habitat of malicious code.Therefore, these junk information are regularly removed in suggestion.The junk information that the present invention removes comprises: the operating system temporary file is specially the data in the temp catalogue under system's installation path; Browser rs cache is specially, Temporary Internet Files; The recycle bin file is specially, the recycle bin directory on each logic magnetic disc.
Described obstinate data are specially, the data that under operating system environment, can't delete.These data can be deleted under the UEFI environment.The instantiation of obstinate data is by the file or folder title of unallowable instruction digit establishment, like " // .doc ".
Described data scrubbing configuration information, i.e. the foundation of data scrubbing.Its configured list is as shown in table 4:
Table 4
| Sequence number | Classification | Tabulation | Whether remove |
| 1 | Junk information | System's temporary file | Yes/no |
| 2 | Junk information | Browser caching data | Yes/no |
| … |
| n | Obstinate data | Illegal file | Yes/no |
In the 3rd step, malicious code is taken precautions against module.The concrete work that malicious code is taken precautions against is all accomplished in this module, and it mainly comprises the integrity checking and the recovery of the core document of operating system; Various data scrubbings; The inspection of trojan-horse program and removing; Operating system malice starts the inspection and the processing of item; Several work are checked and handled to malicious code based on condition code.
The integrity checking of the core document of described operating system and recovery are specially, and carry out the integrity checking of core document according to the data of table 3.When newly-generated MD5 is identical with backup MD5, explain that this document is not destroyed.When the value of two MD5 not simultaneously, the core document in the description operation system is destroyed, and must recover it.Restoration methods is according to table 2 storage mode, to download source document from server, the core document in the overlapping operation system.
Described various data scrubbing is specially, according to junk data, the obstinate data in the configuration information deletion system of table 4.
The inspection of described trojan-horse program and removing are specially, and search wooden horse and remove according to the static nature of trojan horse program.Typical wooden horse has the specific place of one or more file distribution in operating system, can add the self-starting item at registration table, startup file place.After operating system infects grey pigeon wooden horse, can under the Windows installation directory, generate 3 malicious code files, be respectively G_Server.exe, G_Server.dll, G_Server_Hook.dll.Sometimes also can generate the G_ServerKey.dll file.The ash pigeon in WindowsXP and 2000 systems, register system service as, can registry entry " HKEY_LOCAL_MACHINE " in find the G_server.exe service entry.Windows me in the system, can in registry entry " HKEY_CURRENT_USER Version ", find G_server.exe to start.Therefore,, can whether exist, search the method whether registry entry of ad-hoc location exist and find this wooden horse and it is carried out deletion action through the file of searching ad-hoc location to grey pigeon wooden horse.
An inspection and a processing that described operating system malice starts are specially, and in ad-hoc location, the inspection of win.ini system file ad-hoc location of registration table whether unusual startup item are arranged.Whether if unusual startup item is arranged, ensuing processing can be removed by Automatic Program, also can adopt interactive mode, removed by user's decision.The present invention starts (shown in the table 5) in following position detection malice.
Table 5
Described malicious code inspection and processing based on condition code are specially, and according to the malicious code feature code storehouse in the table 1, adopt condition code scanning technique identification file whether to contain malicious code.If contain malicious code in the discovery file, then remove, the processing of isolation or reset mode.Adopt recovery operation for the operating system kernel file that backup is arranged; For the malicious code that can remove, carry out malicious code removing work; For removing the very large file of difficulty, adopt isolated operation.
Present embodiment has been described the detailed process of taking precautions against based on the malicious code of UEFI, i.e. teledata maintenance and visit, local datastore management, malicious code are taken precautions against 3 steps of concrete module, and simultaneously, it is various to describe data organization in detail.Emphasis of the present invention is, the exploitation malicious code is taken precautions against module in the UEFI environment, do not get into operating system of user before, directly operating system of user has been carried out the malicious code prevention work.The condition code scan method that the present invention relates to belongs to the universal method of computer virus checking and killing, not in protection domain.
The advantage of present embodiment: all operations under the UEFI environment of all program modules; Can, operating system of user carry out the malicious code prevention work before loading to it; Therefore; Can either guarantee to take precautions against the safety of software itself, also can before the malicious code outbreak, carry out killing, really accomplish safety precaution malicious code.Particularly; For kernel driving stage malicious code; For example; The novel malicious code of Rootkit.Win32.Agent.oyz and Win32.Troj.Agent.dz.11636 (robot dog mutation), existing antivirus software deals with all very loaded down with trivial details: need the own start-up by hand of user under safe mode, to carry out a large amount of manual operationss; Need frequently restart machine: do not clean up, have a large amount of malicious code files residual.Detection of the present invention and removing are not carried out in operating system, can realize full-automatic, disposable, malicious code removing completely.
Claims (6)
1. can expand the malicious code prevention method of fixed interface based on unification for one kind, it is characterized in that, may further comprise the steps:
The first step, the DLL that adopts UEFI to provide is realized network connecting module, safeguards the malicious code feature database that the malicious code based on condition code on the remote server is checked and is used for the program backup that data are recovered;
In second step, the DLL that adopts UEFI to provide is created a storage space at local hard drive, and storage is as summary set and the junk information of cleaning system and the configuration information of obstinate data of the core document of integrity check info;
The 3rd step, the inspection that inspection and removing, the operating system malice of carrying out integrity checking and recovery, junk information and obstinate data scrubbing, the trojan-horse program of the core document comprise operating system starts and processing and take precautions against based on the malicious code inspection of condition code and the malicious code of handling;
In the 4th step, be responsible for being delivered to the booting operating system program to the control of system by UEFI, thereby get into normal os starting process.
2. the malicious code prevention method that can expand fixed interface based on unification according to claim 1; It is characterized in that; Integrity checking described in the 3rd step is meant: at first the kernel program to said operating system carries out MD5 digest; And carry out detailed record to summary info, judge when the summary of summary that calculate and storage not simultaneously, this kernel program is tampered.
3. the malicious code prevention method that can expand fixed interface based on unification according to claim 1; It is characterized in that; Core document described in second step is meant: in the Windows operating system, and the partial document under All Files under the System catalogue and the System32 catalogue.
4. the malicious code prevention method that can expand fixed interface based on unification according to claim 1; It is characterized in that the inspection and the removing of described trojan-horse program are meant: search the self-starting item of wooden horse at registration table, startup file place and remove according to the static nature of trojan horse program.
5. the malicious code prevention method that can expand fixed interface based on unification according to claim 1; It is characterized in that; Inspection and processing that described operating system malice starts item are meant: whether ad-hoc location, the inspection of win.ini system file ad-hoc location at registration table have unusual startup item, when having unusual startup item, then remove automatically or the prompting user.
6. the malicious code prevention method that can expand fixed interface based on unification according to claim 1; It is characterized in that described malicious code inspection and processing based on condition code is meant: whether employing condition code scanning technique identifying operation system file contains malicious code and removes, isolates or recover.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011100084785A CN102024114B (en) | 2011-01-14 | 2011-01-14 | Malicious code prevention method based on unified extensible fixed interface |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011100084785A CN102024114B (en) | 2011-01-14 | 2011-01-14 | Malicious code prevention method based on unified extensible fixed interface |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102024114A CN102024114A (en) | 2011-04-20 |
| CN102024114B true CN102024114B (en) | 2012-11-28 |
Family
ID=43865400
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011100084785A Expired - Fee Related CN102024114B (en) | 2011-01-14 | 2011-01-14 | Malicious code prevention method based on unified extensible fixed interface |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102024114B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107894905A (en) * | 2017-11-29 | 2018-04-10 | 郑州云海信息技术有限公司 | A kind of operating system file guard method based on BIOS |
Families Citing this family (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102955911B (en) * | 2011-08-18 | 2015-12-16 | 腾讯科技(深圳)有限公司 | Wooden horse scan method and system |
| CN102495772B (en) * | 2011-09-30 | 2013-10-30 | 奇智软件(北京)有限公司 | Characteristic-based terminal program cloud backup and recovery methods |
| CN102360320A (en) * | 2011-09-30 | 2012-02-22 | 奇智软件(北京)有限公司 | Terminal backup object sharing and recovery method based on cloud architecture |
| CN105912424A (en) * | 2011-09-30 | 2016-08-31 | 北京奇虎科技有限公司 | Cloud architecture based terminal program quick backup and recovery method |
| CN102722680B (en) * | 2012-06-07 | 2014-11-05 | 腾讯科技(深圳)有限公司 | Method and system for removing rogue programs |
| CN103714286A (en) * | 2013-12-17 | 2014-04-09 | 上海酷宇通讯技术有限公司 | Method and system for preventing malicious software installation in mobile terminal |
| CN104573499B (en) * | 2014-09-10 | 2019-01-15 | 中电科技(北京)有限公司 | A kind of executable program file protection system and method based on UEFI |
| CN107066345A (en) * | 2015-12-22 | 2017-08-18 | 中电科技(北京)有限公司 | A kind of data recovery and backup method based on hard disk gap |
| CN105847280A (en) * | 2016-05-06 | 2016-08-10 | 南京百敖软件有限公司 | Security management method based on firmware |
| CN109120584B (en) * | 2018-06-19 | 2020-07-24 | 上海交通大学 | Terminal security protection method and system based on UEFI and WinPE |
| CN111740817A (en) * | 2020-06-17 | 2020-10-02 | 国网天津市电力公司电力科学研究院 | Code tampering detection method and system for concentrator in electric power data acquisition system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101373441A (en) * | 2008-09-19 | 2009-02-25 | 苏州壹世通科技有限公司 | Virtual platform system based on firmware |
| CN101587451A (en) * | 2008-05-20 | 2009-11-25 | 研祥智能科技股份有限公司 | Data backup and recovery method based on extensible firmware interface (EFI) firmware |
| CN101645127A (en) * | 2009-06-17 | 2010-02-10 | 北京交通大学 | Method for establishing trusted booting system based on EFI |
-
2011
- 2011-01-14 CN CN2011100084785A patent/CN102024114B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101587451A (en) * | 2008-05-20 | 2009-11-25 | 研祥智能科技股份有限公司 | Data backup and recovery method based on extensible firmware interface (EFI) firmware |
| CN101373441A (en) * | 2008-09-19 | 2009-02-25 | 苏州壹世通科技有限公司 | Virtual platform system based on firmware |
| CN101645127A (en) * | 2009-06-17 | 2010-02-10 | 北京交通大学 | Method for establishing trusted booting system based on EFI |
Non-Patent Citations (2)
| Title |
|---|
| 徐梅等.基于UEFI的自动测试系统的设计与实现.《微计算机信息》.2010,第26卷(第6-3期),第171-172,159页. * |
| 桂佳平等.基于智能手机恶意代码防范模型的研究.《计算机技术与发展》.2010,第20卷(第1期),第163-166页. * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107894905A (en) * | 2017-11-29 | 2018-04-10 | 郑州云海信息技术有限公司 | A kind of operating system file guard method based on BIOS |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102024114A (en) | 2011-04-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102024114B (en) | Malicious code prevention method based on unified extensible fixed interface | |
| JP5011436B2 (en) | Method and apparatus for detecting malicious acts of a computer program | |
| CN101777062B (en) | Context-aware real-time computer-protection systems and methods | |
| CN100489728C (en) | Method for establishing trustable operational environment in a computer | |
| RU2483349C2 (en) | Staged, lightweight backup system | |
| US20120017276A1 (en) | System and method of identifying and removing malware on a computer system | |
| US20120124007A1 (en) | Disinfection of a file system | |
| CN102867141B (en) | The method that Main Boot Record rogue program is processed and device | |
| US20060259819A1 (en) | Automated Method for Self-Sustaining Computer Security | |
| CN102930201B (en) | The method that Main Boot Record rogue program is processed and device | |
| US20090178141A1 (en) | Booting a device from a trusted environment responsive to device hibernation | |
| CN107103238A (en) | System and method for protecting computer system to exempt from malicious objects activity infringement | |
| CN101154253B (en) | Computer security protection method and computer security protection instrument | |
| CN102184111B (en) | The equipment of operating system online upgrading method and tape operation system | |
| US8667591B1 (en) | Commonality factoring remediation | |
| US20130276113A1 (en) | System, method, and computer program product for removing malware from a system while the system is offline | |
| CN109120584B (en) | Terminal security protection method and system based on UEFI and WinPE | |
| CN104461594A (en) | Updating method and device of embedded operating system | |
| CN104769598A (en) | Systems and methods for detecting illegitimate applications | |
| CN103428212A (en) | Malicious code detection and defense method | |
| CN105204902A (en) | Method and device for upgrading security patches of virtual machine | |
| WO2014044187A2 (en) | A method and device for checking and removing computer viruses | |
| US10089469B1 (en) | Systems and methods for whitelisting file clusters in connection with trusted software packages | |
| CN100374969C (en) | Method for searching and killing virus and computer therefor | |
| WO2007123492A1 (en) | Method of safeguarding against malicious software (malware) |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20121128 Termination date: 20160114 |