CN100504899C - Software watchdog system and method - Google Patents
Software watchdog system and method Download PDFInfo
- Publication number
- CN100504899C CN100504899C CNB2006101286228A CN200610128622A CN100504899C CN 100504899 C CN100504899 C CN 100504899C CN B2006101286228 A CNB2006101286228 A CN B2006101286228A CN 200610128622 A CN200610128622 A CN 200610128622A CN 100504899 C CN100504899 C CN 100504899C
- Authority
- CN
- China
- Prior art keywords
- abnormal restoring
- operating system
- information
- client operating
- monitored object
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The system comprises: at least one client operation system, a servo operation system and a virtual machine monitor; said servo operation system also comprises an exception recovering module and a rear end driver corresponding to said exception recovering module; said client operation system also comprises a front end driver corresponding to the rear end driver. The invention can protect the monitored application program from vicious un-installation or deletion.
Description
Technical field
The present invention relates to computer security technique, relate in particular to a kind of software watchdog system and method.
Background technology
Widespread use along with computer technology, also brought the problem of a series of secure contexts thereupon, as: malice such as assault, computer-based worms, trojan horse unload, stop, specific driving in the deletion action system, services and applications etc., so that computing machine is illegally controlled, and user data is illegally stolen.
In order to address the above problem, mainly contain following several method at present:
1. fire wall or anti-virus software are installed on computers;
Though fire wall or anti-virus software can monitor and protect computing machine not to be subjected to worm-type virus, trojan horse and hacker's attack; but virus that some are new and assault means can be walked around fire wall and anti-virus software; carry out malice unloading, stop or the deletion action system on anti-virus software; softwares such as fire wall and other key businesses; computer system is in the not protected state fully, thereby from network, controls or steal the subscriber computer ciphertext data on the main frame.
2. use software watchdog on computers;
Traditional windows platform software watchdog generally all is to realize mutual between house dog and the controlled resource (controlled resource generally is that the mode with operating system physics process exists) by window message mechanism, specific practice is: house dog sends a monitoring request message to controlled resource, controlled resource is returned a monitoring response message after receiving this message immediately, if house dog is not received the monitoring response message that controlled resource is returned in the T time period (monitoring the overtime time limit), this moment, house dog thought that then controlled resource occurs unusually.
There is certain limitation in traditional software watchdog method for supervising: will have bigger difficulty according to the house dog software that comes out based on Windows window message Mechanism Design in cross-platform transplanting, because platforms such as UNIX, LINUX are not supported the window message mechanism of Windows.
In addition, though whether some software watchdogs can be monitored specific service routine and be stopped at present, these software watchdogs also may or stop by hacker and the unloading of viral malice, cause the program of its monitoring to lose protection.
3. use hardware watchdog on computers;
Hardware watchdog is mainly used in embedded device, is used for whether various hardware move normally on the watch-dog, and to improve the availability of equipment, still, hardware watchdog can not be used for application-specific is monitored, and is used in and can increases very big cost on the PC.
Summary of the invention
In order to address the above problem, one object of the present invention just provides a kind of software watchdog system, prevents that monitored application program from being unloaded or deleting by malice, improves the security of computer system.
Software watchdog system of the present invention; comprise servo operation, virtual machine monitor and at least one client operating system; the a plurality of application programs of operation in each described client operating system; described servo operation also comprises the abnormal restoring module and drives with the corresponding rear end of this abnormal restoring module; described client operating system also comprises with this rear end and drives corresponding front-end driven; wherein
Described front-end driven is used to read monitor data, and utilizes this monitor data virtual machine monitor to send to the rear end driving; And receive the abnormal restoring information that the rear end driving is sent, and this abnormal restoring information is sent in requisition for the application program of recovering;
Described rear end drives and is used for the monitor data that the receiving front-end driving is sent, and this monitor data is sent to the abnormal restoring module; And receive the abnormal restoring information that the abnormal restoring module is sent, and utilize virtual machine monitor to send to front-end driven this abnormal restoring information;
Described abnormal restoring module is used to receive the rear end and drives the monitor data that sends, and obtains the pairing abnormal restoring information of this monitor data, and this abnormal restoring information is sent to the rear end driving.
Described monitor data comprises the running status of monitored object.
Described servo operation also comprises the monitoring strategies module, and being used for provides monitoring strategies to the abnormal restoring module; Described monitoring strategies comprises pairing abnormal restoring information when the running status of the normal operating condition of monitored object and monitored object is unusual;
The abnormal restoring module is used for receiving after the rear end drives the monitor data send; from the monitoring strategies module, read the normal operating condition information of monitored object; do not belong to normal operating condition if determine the running status of the monitored object received according to the normal operating condition information of described monitored object; then read this monitored object that does not belong to normal operating condition pairing abnormal restoring information when unusual, and obtain described abnormal restoring information from the monitoring strategies module.
The monitoring strategies of preserving in the described monitoring strategies module also comprises the monitored object information of needs monitoring;
Described rear end drives and is further used for reading the monitored object information that needs monitoring from the monitoring strategies module, and utilizes virtual machine monitor to send to front-end driven;
The monitored object information that described front-end driven is used for monitoring as required reads monitor data.
Described abnormal restoring information comprises reinstalls the driving that is unloaded unusually, restarts the service that is abended and reinstalls any one or combination in any in the application program of being deleted unusually.
Described abnormal restoring module is further used for cutting off the network of client operating system when not receiving the monitor data of front-end driven transmission, and/or the hardware device of forbidding client operating system.
Described front-end driven is further used for obtaining automatic restoration result, and utilizes automatic restoration result virtual machine monitor to send to the rear end driving;
Described rear end drives and is further used for automatic restoration result is sent to the abnormal restoring module;
Described abnormal restoring module is further used for cutting off the network of client operating system when definite automatic restoration result is failed for automatic recovery, and/or the hardware device of forbidding client operating system.
Between driving, described front-end driven and rear end adopt symmetry or asymmetric key algorithm to authenticate.
Another object of the present invention is to, a kind of software watchdog method is provided, improve the security of computer system.
Software watchdog method of the present invention may further comprise the steps:
Steps A) front-end driven of client operating system reads monitor data, and described front-end driven utilizes virtual machine monitor that this monitor data is sent to servo operation;
Step B) the set rear end with corresponding front-end driven of servo operation drives and receives described monitor data, and this monitor data is sent to the abnormal restoring module of this servo operation, obtain pairing abnormal restoring information by this abnormal restoring module according to the monitor data that receives;
Step C) the described rear end of servo operation drives and receives described abnormal restoring information, and described abnormal restoring information utilizes virtual machine monitor to send to client operating system;
Step D) the abnormal restoring information received of the described front-end driven utilization of client operating system is recovered automatically to the corresponding application program that needs to recover.
Have monitoring strategies in the described servo operation, described monitoring strategies comprises pairing abnormal restoring information when the running status of the normal operating condition of monitored object and monitored object is unusual;
Described step B) may further comprise the steps:
Step B1) the normal operating condition information of described abnormal restoring module query monitor object from predefined monitoring strategies of servo operation determines that according to the normal operating condition information of monitored object this monitored object does not belong to running status just often;
Step B2) described abnormal restoring module reads the monitored object pairing abnormal restoring information when unusual that does not belong to normal operating condition from monitoring strategies.
Further comprise in the described monitoring strategies: the monitored object information that client operating system need be monitored;
Described steps A) comprise before: the described rear end of servo operation drives the monitored object information of preserving in the monitoring strategies, client operating system need be monitored is sent to client operating system by virtual machine monitor;
Described steps A) in, the monitor data that described client operating system reads is: the monitored object information that client operating system is monitored as required reads monitor data.
Described step C) further comprising the steps of:
If the described abnormal restoring module of servo operation does not receive the monitor data that front-end driven sends, then cut off the network of client operating system, and/or the hardware device of forbidding client operating system.
Described step D) further comprising the steps of afterwards:
Step e 1) the described front-end driven of client operating system sends automatic restoration result to servo operation;
Step e 2) if the automatic restoration result that the described abnormal restoring module of servo operation is determined to receive for recovering failure automatically, then cuts off the network of client operating system, and/or the hardware device of forbidding client operating system.
This method further comprises: adopt known symmetry or unsymmetrical key to encrypt to monitor data or abnormal restoring information.
Software watchdog system of the present invention and method provide auto restore facility when monitored application program is unloaded or deletes by malice, and when recovery failure or software watchdog are unloaded automatically, cut off the network of client operating system, and/or the hardware device of forbidding client operating system, further improved the security of software watchdog, thereby confidential data, the security that has improved computer system are not controlled or steal to the assurance computing machine by rogue program.
Description of drawings
Fig. 1 is the frame diagram of existing dummy machine system;
Fig. 2 is the module map of software watchdog system of the present invention;
Fig. 3 is the process flow diagram of software watchdog method of the present invention.
Embodiment
Because in dummy machine system; be isolated from each other between client operating system and the servo operation; servo operation has higher security performance; in servo operation, increase the abnormal restoring module; the security of system can be provided; therefore, software watchdog system of the present invention and method are based on dummy machine system, the security that can improve software watchdog like this.
Content for a better understanding of the present invention is described the dummy machine system to prior art at first.Fig. 1 is the frame diagram of existing dummy machine system.This dummy machine system mainly comprises: and client operating system, servo operation, virtual machine monitor (Virtual Machine Monitor, VMM) and hardware device.
Wherein, moving a plurality of application A PP1, APP2 etc. in each client operating system, and with the corresponding front-end driven 1 of each application program, front-end driven 2 etc., in the servo operation, the rear end drives 1 one to one, the rear end drives 2 etc. to move a plurality of and front-end driven, VMM runs directly on the hardware between hardware and operating system.Because between each client operating system and be isolated from each other between client operating system and the servo operation, so data transmission must be passed through VMM.
When system start-up, system at first guides VMM, when guiding, will create servo operation, servo operation is compared with client operating system has higher authority, bearing important effect in dummy machine system, wherein quite a few is to support for the client operating system access hardware devices provides relevant.
To be that example is described client operating system in the dummy machine system shown in Fig. 1 sends process from data to servo operation with one of them client operating system below.
Application A PP1 in the client operating system, APP2 or user operate at first, and forward end drives the transmission data.Then, front-end driven sends to register or shared drive with received data, and the register of these data of storage or the address of shared drive are sent to VMM.
Corresponding relation between VMM drives according to front-end driven and rear end is by proactive notification mode (for example interrupting injecting) or wait for that inquiry mode (for example, the inquiry of rear end driving timing or inquiry in real time) will be stored the register of these data or the address of shared drive sends to the rear end driving.The rear end of servo operation drives according to the address that receives, and obtains data in the register of storing these data or shared drive.
Then will introduce the process of servo operation to client operating system passback data.
The data that servo operation will return send to the rear end and drive, and the rear end drives and obtains after the data, and received data are sent to register or shared drive, and the register of these data of storage or the address of shared drive are sent to VMM.
Then, VMM finds out each rear end according to the corresponding relation between front-end driven and the rear end driving and drives pairing client operating system and front-end driven.Then, VMM sends look-at-me by interrupting injection mode to client operating system, and the register of these data of storage or the address of shared drive are sent to front-end driven.The front-end driven of client operating system is obtained data according to the address that receives in the register of storing these data or shared drive.
Finally, front-end driven sends the data of receiving to upper strata driving or application program.
The data that it should be noted that in this instructions to be said not only refer to simple data, also refer to the data of table handling instruction.
Below, will be referring to figs. 2 and 3 introducing software watchdog system of the present invention.
Fig. 2 is the module map of software watchdog system of the present invention.Software watchdog system shown in Figure 2 comprises: client operating system, servo operation, VMM and hardware device.
In order to increase the security of system; software watchdog system of the present invention is on the basis of existing dummy machine system; in servo operation, set up an abnormal restoring module and drive with the corresponding rear end of this abnormal restoring module; described client operating system also comprises with this rear end and drives corresponding front-end driven; wherein
Described front-end driven is used to read monitor data, and utilizes this monitor data VMM to send to the rear end driving; And receive the abnormal restoring information that the rear end driving is sent, and this information is sent to corresponding application.
Described monitor data comprises the running status of monitored monitored object, and described running status comprises running status and halted state.Front-end driven obtains the running status of monitored monitored object from the task manager of client operating system.
Described rear end drives and is used for the monitor data that the receiving front-end driving is sent, and this monitor data is sent to the abnormal restoring module; And receive the abnormal restoring information that the abnormal restoring module is sent; such as; reinstall the driving that is unloaded unusually, restart the service that is abended and reinstall application program of being deleted unusually etc., and utilize VMM to send to front-end driven this abnormal restoring information.
Preferably; can between front-end driven and rear end driving, adopt known symmetry or asymmetric key algorithm to authenticate; can also adopt known symmetry or unsymmetrical key to encrypt to monitor data or abnormal restoring information, prevent that other programs from distorting to monitor data or abnormal restoring information or imitate.
Described abnormal restoring module is used to receive the rear end and drives the monitor data that sends, and obtains the pairing abnormal restoring information of this monitor data, and this abnormal restoring information is sent to the rear end driving.
Described servo operation also comprises the monitoring strategies module, and being used for provides monitoring strategies to the abnormal restoring module; Described monitoring strategies comprises pairing abnormal restoring information when the running status of the normal operating condition of monitored object and monitored object is unusual;
Described abnormal restoring module is used for receiving after the rear end drives the monitor data send; from the monitoring strategies module, read the normal operating condition information of monitored object; do not belong to normal operating condition if determine the running status of the monitored object received according to the normal operating condition information of described monitored object; then read this monitored object that does not belong to normal operating condition pairing abnormal restoring information when unusual, and obtain described abnormal restoring information from the monitoring strategies module.
The monitoring strategies of preserving in the described monitoring strategies module also comprises the monitored object information of needs monitoring, and described monitored object information comprises which monitored object of needs monitoring, and described monitored object comprises application program and service etc.;
Described rear end drives and is further used for reading the monitored object information that needs monitoring from the monitoring strategies module, and utilizes virtual machine monitor to send to front-end driven;
The monitored object information that described front-end driven is used for monitoring as required reads monitor data.
Further, described abnormal restoring module is further used for thinking that front-end driven is unloaded by malice when not receiving the monitor data of front-end driven transmission, then cuts off the network of client operating system, and/or the hardware device of forbidding client operating system.
Further; front-end driven is obtained automatic restoration result; and an automatic restoration result utilizes virtual machine monitor to send to the rear end driving; drive an automatic restoration result by the rear end and send to the abnormal restoring module; the abnormal restoring module is when restoration result is recovery failure automatically automatically; cut off the network of client operating system, perhaps forbid the hardware device of client operating system.
Below with reference to the data transmission procedure of Fig. 3 explanation according to software watchdog method of the present invention.
Fig. 3 is the process flow diagram of software watchdog method of the present invention, and detailed process is as follows:
At first, before beginning, data transmission procedure needs to be configured work:
User or the network manager user interface by providing in servo operation writes monitoring strategies in servo operation.
Described monitoring strategies comprises pairing abnormal restoring information when the running status of the normal operating condition of monitored object and monitored object is unusual; such as; reinstall the driving that is unloaded unusually, restart the service that is abended and reinstall application program of being deleted unusually etc.
Because servo operation has higher safety performance, the general user can not change the information in the servo operation, so, write monitoring strategies by servo operation, can guarantee that monitoring strategies is not distorted.
After above-mentioned configuration effort is finished, begin following data transmission procedure.
Step 101) client operating system reads monitor data from the task manager of client operating system, and utilizes VMM that this monitor data is sent to servo operation.
Which monitored object client operating system need monitor, and is to utilize VMM by client operating system, reads monitoring strategies and obtain from servo operation.Described monitoring strategies comprises the monitored object information of needs monitoring, and described monitored object information comprises which monitored object of needs monitoring, and described monitored object comprises application program and service etc.
Preferably, can adopt known symmetry or asymmetric key algorithm to authenticate between client operating system and the servo operation, prevent that other programs from distorting to monitor data or abnormal restoring information or imitate.Described asymmetric arithmetic can be that the Internet is encrypted and authentication system (Rivest Shamir Adlemen, RSA) or asymmetric arithmetic and digital signature (ECC, Elliptic Curves Cryptography) etc., described symmetry algorithm can be digital encryption standard (DES, Data Encryption Standard), Advanced Encryption Standard (AES, Advanced Encryption Standard) etc.
Step 102) servo operation obtains the pairing abnormal restoring information of the monitor data that receives.
As previously mentioned, described monitoring strategies comprises pairing abnormal restoring information when the normal condition of each monitor data and each monitor data are unusual.
Concrete detection method is as follows: the normal operating condition information of servo operation query monitor object from predefined monitoring strategies, obtain the monitor data that does not belong to normal condition according to the normal operating condition information of monitored object; Servo operation reads the monitor data pairing abnormal restoring information when unusual that does not belong to normal condition from monitoring strategies.
Described abnormal restoring information comprises reinstalls the driving that is unloaded unusually, restarts the service that is abended and reinstalls application program of being deleted unusually etc.
Further, if servo operation does not receive the monitor data that client operating system sends, then the equipment calls interface that provides by VMM cuts off the network of client operating system, prevents that computing machine is by hacker or computer virus attack; Perhaps forbid some equipment of client operating system (as USB interface, CD-ROM drive, equipment such as floppy drive), guarantee that rogue program can not control computer or steal confidential data, improved the security of computer system more.
Step 103) servo operation utilizes VMM to send to client operating system detected abnormal restoring information, and the abnormal restoring information that the client operating system utilization is received is recovered automatically to corresponding application.
After application program receives abnormal restoring information, recover automatically according to this abnormal restoring information.Described automatic recovery comprises: reinstall the driving that is unloaded unusually; restart the service that is abended and reinstall application program of being deleted unusually etc.; these processing are corresponding with abnormal restoring information; carry out according to abnormal restoring information, can improve the security of computer system by automatic recovery.
Further, client operating system can also be after recovering according to the abnormal restoring information that receives automatically, send automatic restoration result to servo operation, if servo operation receives automatic recovery failed message, then the equipment calls interface that provides by VMM cuts off the network of client operating system, prevents that computing machine is by hacker or computer virus attack; Perhaps forbid some equipment of client operating system (as USB interface, CD-ROM drive, equipment such as floppy drive), guarantee that rogue program can not control computer or steal confidential data, improved the security of computer system more.
Servo operation also can be when carrying out abnormality processing, report to the police to network management terminal, and in servo operation log.
Preferably, monitor data or abnormal restoring information are distorted or imitate, can adopt known symmetry or unsymmetrical key to encrypt monitor data or abnormal restoring information in order to prevent other programs.
Explanation is at last, above embodiment is only unrestricted in order to technical scheme of the present invention to be described, although the present invention is had been described in detail with reference to preferred embodiment, those of ordinary skill in the art is to be understood that, can make amendment or be equal to replacement technical scheme of the present invention, and not breaking away from the spirit and scope of technical solution of the present invention, it all should be encompassed in the middle of the claim scope of the present invention.
Claims (14)
1. software watchdog system; comprise servo operation, virtual machine monitor and at least one client operating system; the a plurality of application programs of operation in each described client operating system; it is characterized in that; described servo operation also comprises the abnormal restoring module and drives with the corresponding rear end of this abnormal restoring module; described client operating system also comprises with this rear end and drives corresponding front-end driven, wherein
Described front-end driven is used to read monitor data, and utilizes this monitor data virtual machine monitor to send to the rear end driving; And receive the abnormal restoring information that the rear end driving is sent, and this abnormal restoring information is sent in requisition for the application program of recovering;
Described rear end drives and is used for the monitor data that the receiving front-end driving is sent, and this monitor data is sent to the abnormal restoring module; And receive the abnormal restoring information that the abnormal restoring module is sent, and utilize virtual machine monitor to send to front-end driven this abnormal restoring information;
Described abnormal restoring module is used to receive the rear end and drives the monitor data that sends, and obtains the pairing abnormal restoring information of this monitor data, and this abnormal restoring information is sent to the rear end driving.
2. software watchdog system as claimed in claim 1 is characterized in that described monitor data comprises the running status of monitored object.
3. software watchdog system as claimed in claim 2 is characterized in that,
Described servo operation also comprises the monitoring strategies module, and being used for provides monitoring strategies to the abnormal restoring module; Described monitoring strategies comprises pairing abnormal restoring information when the running status of the normal operating condition of monitored object and monitored object is unusual;
The abnormal restoring module is used for receiving after the rear end drives the monitor data send; from the monitoring strategies module, read the normal operating condition information of monitored object; do not belong to normal operating condition if determine the running status of the monitored object received according to the normal operating condition information of described monitored object; then read this monitored object that does not belong to normal operating condition pairing abnormal restoring information when unusual, and obtain described abnormal restoring information from the monitoring strategies module.
4. software watchdog system as claimed in claim 3 is characterized in that,
The monitoring strategies of preserving in the described monitoring strategies module also comprises the monitored object information of needs monitoring;
Described rear end drives and is further used for reading the monitored object information that needs monitoring from the monitoring strategies module, and utilizes virtual machine monitor to send to front-end driven;
The monitored object information that described front-end driven is used for monitoring as required reads monitor data.
5. software watchdog system as claimed in claim 1; it is characterized in that; described abnormal restoring information comprises reinstalls the driving that is unloaded unusually, restarts the service that is abended and reinstalls any one or combination in any in the application program of being deleted unusually.
6. as each described software watchdog system in the claim 1 to 4, it is characterized in that,
Described abnormal restoring module is further used for cutting off the network of client operating system when not receiving the monitor data of front-end driven transmission, and/or the hardware device of forbidding client operating system.
7. as each described software watchdog system in the claim 1 to 4, it is characterized in that,
Described front-end driven is further used for obtaining automatic restoration result, and utilizes automatic restoration result virtual machine monitor to send to the rear end driving;
Described rear end drives and is further used for automatic restoration result is sent to the abnormal restoring module;
Described abnormal restoring module is further used for cutting off the network of client operating system when definite automatic restoration result is failed for automatic recovery, and/or the hardware device of forbidding client operating system.
8. as each described software watchdog system in the claim 1 to 4, it is characterized in that,
Between driving, described front-end driven and rear end adopt symmetry or asymmetric key algorithm to authenticate.
9. software watchdog method may further comprise the steps:
Steps A) front-end driven of client operating system reads monitor data, and described front-end driven utilizes virtual machine monitor that this monitor data is sent to servo operation;
Step B) the set rear end with corresponding front-end driven of servo operation drives and receives described monitor data, and this monitor data is sent to the abnormal restoring module of this servo operation, obtain pairing abnormal restoring information by this abnormal restoring module according to the monitor data that receives;
Step C) the described rear end of servo operation drives and receives described abnormal restoring information, and utilizes virtual machine monitor to send to client operating system described abnormal restoring information;
Step D) the abnormal restoring information received of the described front-end driven utilization of client operating system is to recovering automatically in requisition for the application program of recovering.
10. software watchdog method as claimed in claim 9, it is characterized in that, have monitoring strategies in the described servo operation, described monitoring strategies comprises pairing abnormal restoring information when the running status of the normal operating condition of monitored object and monitored object is unusual;
Described step B) may further comprise the steps:
Step B1) the normal operating condition information of described abnormal restoring module query monitor object from predefined monitoring strategies of servo operation determines that according to the normal operating condition information of monitored object this monitored object does not belong to running status just often;
Step B2) described abnormal restoring module reads the monitored object pairing abnormal restoring information when unusual that does not belong to normal operating condition from monitoring strategies.
11. software watchdog method as claimed in claim 10 is characterized in that,
Further comprise in the described monitoring strategies: the monitored object information that client operating system need be monitored;
Described steps A) comprise before: the described rear end of servo operation drives the monitored object information of preserving in the monitoring strategies, client operating system need be monitored is sent to client operating system by virtual machine monitor;
Described steps A) in, the monitor data that described client operating system reads is: the monitored object information that client operating system is monitored as required reads monitor data.
12. software watchdog method as claimed in claim 9 is characterized in that, described step C) further comprising the steps of:
If the described abnormal restoring module of servo operation does not receive the monitor data that front-end driven sends, then cut off the network of client operating system, and/or the hardware device of forbidding client operating system.
13. software watchdog method as claimed in claim 9 is characterized in that, described step D) further comprising the steps of afterwards:
Step e 1) the described front-end driven of client operating system sends automatic restoration result to servo operation;
Step e 2) if the automatic restoration result that the described abnormal restoring module of servo operation is determined to receive for recovering failure automatically, then cuts off the network of client operating system, and/or the hardware device of forbidding client operating system.
14. software watchdog method as claimed in claim 9 is characterized in that, this method further comprises: adopt known symmetry or unsymmetrical key to encrypt to monitor data or abnormal restoring information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006101286228A CN100504899C (en) | 2006-08-29 | 2006-08-29 | Software watchdog system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006101286228A CN100504899C (en) | 2006-08-29 | 2006-08-29 | Software watchdog system and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101136044A CN101136044A (en) | 2008-03-05 |
| CN100504899C true CN100504899C (en) | 2009-06-24 |
Family
ID=39160136
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006101286228A Active CN100504899C (en) | 2006-08-29 | 2006-08-29 | Software watchdog system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100504899C (en) |
Families Citing this family (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101751274B (en) * | 2008-12-18 | 2012-10-10 | 联想(北京)有限公司 | Virtual machine system and unloading method of universal serial bus device thereof |
| CN101996106B (en) * | 2010-12-17 | 2012-12-05 | 南京中兴力维软件有限公司 | Method for monitoring software running state |
| CN102495767A (en) * | 2011-11-30 | 2012-06-13 | 凯迈(洛阳)电子有限公司 | Double-watchdog system for battery monitor |
| CN103377068B (en) * | 2012-04-13 | 2017-04-19 | 联想(北京)有限公司 | Control method and electronic instrument |
| CN104683131A (en) * | 2013-11-27 | 2015-06-03 | 杭州迪普科技有限公司 | Application stage virtualization high-reliability method and device |
| CN103793288B (en) * | 2014-02-14 | 2017-07-18 | 北京邮电大学 | A kind of software watchdog system and method |
| CN104932964A (en) * | 2014-03-17 | 2015-09-23 | 无锡天脉聚源传媒科技有限公司 | Monitoring processing method and apparatus of computer functional programs |
| CN104199753B (en) * | 2014-09-04 | 2018-05-29 | 中标软件有限公司 | A kind of virtual machine application service fault recovery system and its fault recovery method |
| CN105701399B (en) * | 2015-12-30 | 2018-11-27 | 广东欧珀移动通信有限公司 | A kind of safety detection method and device of application program |
| CN109992466B (en) * | 2017-12-29 | 2022-09-16 | 迈普通信技术股份有限公司 | Virtual machine fault detection method and device, computer readable storage medium and electronic equipment |
| CN110032487A (en) * | 2018-11-09 | 2019-07-19 | 阿里巴巴集团控股有限公司 | Keep Alive supervision method, apparatus and electronic equipment |
| CN110287055B (en) * | 2019-06-28 | 2021-06-15 | 联想(北京)有限公司 | Data recovery method of electronic equipment and electronic equipment |
| CN114241679A (en) * | 2021-12-08 | 2022-03-25 | 广东电网有限责任公司 | Self-service terminal device anti-misoperation touch method and system |
-
2006
- 2006-08-29 CN CNB2006101286228A patent/CN100504899C/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN101136044A (en) | 2008-03-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100504899C (en) | Software watchdog system and method | |
| RU2714607C2 (en) | Double self-test of memory for protection of multiple network endpoints | |
| US9734337B1 (en) | Behavior-based ransomware detection | |
| EP3225009B1 (en) | Systems and methods for malicious code detection | |
| US10430591B1 (en) | Using threat model to monitor host execution in a virtualized environment | |
| TWI387923B (en) | Computer security management, such as in a virtual machine or hardened operating system | |
| CN112074836A (en) | Apparatus and method for protecting data through trusted execution environment | |
| US10691475B2 (en) | Security application for a guest operating system in a virtual computing environment | |
| CN102270287B (en) | Trusted software base providing active security service | |
| CN105335654B (en) | Android malicious program detection and processing method, device and equipment | |
| WO2015123226A1 (en) | Systems and methods for scanning packed programs in response to detecting suspicious behaviors | |
| US8402539B1 (en) | Systems and methods for detecting malware | |
| US9485271B1 (en) | Systems and methods for anomaly-based detection of compromised IT administration accounts | |
| CN1662869A (en) | Sleep protection | |
| EP3270318B1 (en) | Dynamic security module terminal device and method for operating same | |
| EP3014515B1 (en) | Systems and methods for directing application updates | |
| KR101369251B1 (en) | Apparatus, method, terminal and system for recovery protection of system files | |
| US11469880B2 (en) | Data at rest encryption (DARE) using credential vault | |
| EP3079057B1 (en) | Method and device for realizing virtual machine introspection | |
| US20180026986A1 (en) | Data loss prevention system and data loss prevention method | |
| CN102867146A (en) | Method and system for preventing computer virus from frequently infecting systems | |
| US9166995B1 (en) | Systems and methods for using user-input information to identify computer security threats | |
| US11531769B2 (en) | Information processing apparatus, information processing method, and computer program product | |
| JP5727545B2 (en) | Wireless terminal device and system protection method | |
| US9501641B2 (en) | Method of intrusion detection in terminal device and intrusion detecting apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |