CN101414339B - 保护进程内存及确保驱动程序加载的安全性的方法 - Google Patents
保护进程内存及确保驱动程序加载的安全性的方法 Download PDFInfo
- Publication number
- CN101414339B CN101414339B CN2007101624498A CN200710162449A CN101414339B CN 101414339 B CN101414339 B CN 101414339B CN 2007101624498 A CN2007101624498 A CN 2007101624498A CN 200710162449 A CN200710162449 A CN 200710162449A CN 101414339 B CN101414339 B CN 101414339B
- Authority
- CN
- China
- Prior art keywords
- driver
- function
- request
- safety
- internal memory
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 112
- 230000006870 function Effects 0.000 claims abstract description 60
- 238000012545 processing Methods 0.000 claims abstract description 19
- 230000008878 coupling Effects 0.000 claims description 10
- 238000010168 coupling process Methods 0.000 claims description 10
- 238000005859 coupling reaction Methods 0.000 claims description 10
- 238000011282 treatment Methods 0.000 claims description 10
- 238000010586 diagram Methods 0.000 description 10
- 238000001514 detection method Methods 0.000 description 3
- 238000011161 development Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000000295 complement effect Effects 0.000 description 2
- 230000006378 damage Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 230000008092 positive effect Effects 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
Images
Abstract
Description
Claims (22)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2007101624498A CN101414339B (zh) | 2007-10-15 | 2007-10-15 | 保护进程内存及确保驱动程序加载的安全性的方法 |
HK09107175A HK1127415A1 (en) | 2007-10-15 | 2009-08-05 | Method for protecting process memory and ensuring security of loading driver |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2007101624498A CN101414339B (zh) | 2007-10-15 | 2007-10-15 | 保护进程内存及确保驱动程序加载的安全性的方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101414339A CN101414339A (zh) | 2009-04-22 |
CN101414339B true CN101414339B (zh) | 2012-05-23 |
Family
ID=40594871
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2007101624498A Active CN101414339B (zh) | 2007-10-15 | 2007-10-15 | 保护进程内存及确保驱动程序加载的安全性的方法 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN101414339B (zh) |
HK (1) | HK1127415A1 (zh) |
Families Citing this family (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101604370B (zh) * | 2009-07-06 | 2012-08-29 | 中国人民解放军信息技术安全研究中心 | 一种高兼容性的监控Windows内核函数调用的方法 |
CN102737198B (zh) * | 2011-04-13 | 2015-11-18 | 腾讯科技(深圳)有限公司 | 对象保护方法及装置 |
CN102930222B (zh) * | 2012-09-20 | 2015-09-30 | 无锡华御信息技术有限公司 | 反键盘记录方法及系统 |
CN103679006B (zh) * | 2013-10-25 | 2017-09-05 | 华为技术有限公司 | 一种运行驱动程序的方法及装置 |
CN104063661A (zh) * | 2014-06-09 | 2014-09-24 | 来安县新元机电设备设计有限公司 | 一种计算机软件安全防护方法 |
CN105160243A (zh) * | 2015-09-15 | 2015-12-16 | 浪潮集团有限公司 | 一种面向移动智能终端的驱动监控机制实现方法 |
CN105631329B (zh) * | 2015-12-21 | 2019-05-10 | 北京金山安全管理系统技术有限公司 | Virut感染型病毒免疫方法及其装置 |
CN105844146B (zh) * | 2016-03-16 | 2018-10-12 | 北京金山安全软件有限公司 | 一种保护驱动程序的方法、装置及电子设备 |
CN105956461B (zh) * | 2016-05-03 | 2019-08-23 | 珠海豹趣科技有限公司 | 一种拦截驱动加载的方法及终端 |
CN106096391B (zh) * | 2016-06-02 | 2019-05-03 | 珠海豹趣科技有限公司 | 一种进程控制方法及用户终端 |
CN105956462B (zh) * | 2016-06-29 | 2019-05-10 | 珠海豹趣科技有限公司 | 一种阻止恶意加载驱动的方法、装置及电子设备 |
CN106203070A (zh) * | 2016-06-29 | 2016-12-07 | 北京金山安全软件有限公司 | 驱动加载阻止方法及装置 |
CN106127050A (zh) * | 2016-06-29 | 2016-11-16 | 北京金山安全软件有限公司 | 一种防止系统光标被恶意修改的方法、装置及电子设备 |
CN106203089A (zh) * | 2016-06-29 | 2016-12-07 | 北京金山安全软件有限公司 | 一种防止系统颜色被恶意修改的方法、装置及电子设备 |
CN106127051A (zh) * | 2016-06-29 | 2016-11-16 | 北京金山安全软件有限公司 | 一种防止鼠标被恶意捕获的方法、装置及电子设备 |
CN109918907B (zh) * | 2019-01-30 | 2021-05-25 | 国家计算机网络与信息安全管理中心 | Linux平台进程内存恶意代码取证方法、控制器及介质 |
CN111552608B (zh) * | 2020-04-09 | 2022-11-18 | 烽火通信科技股份有限公司 | 一种驱动内存监控方法及系统 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040268363A1 (en) * | 2003-06-30 | 2004-12-30 | Eric Nace | System and method for interprocess communication |
CN1567254A (zh) * | 2003-06-17 | 2005-01-19 | 深圳市中兴通讯股份有限公司南京分公司 | 嵌入式实时操作系统高效可靠的内存保护方法 |
US20050044551A1 (en) * | 2003-08-19 | 2005-02-24 | Sodhi Ajit S. | System and method for shared memory based IPC queue template having event based notification |
-
2007
- 2007-10-15 CN CN2007101624498A patent/CN101414339B/zh active Active
-
2009
- 2009-08-05 HK HK09107175A patent/HK1127415A1/xx not_active IP Right Cessation
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1567254A (zh) * | 2003-06-17 | 2005-01-19 | 深圳市中兴通讯股份有限公司南京分公司 | 嵌入式实时操作系统高效可靠的内存保护方法 |
US20040268363A1 (en) * | 2003-06-30 | 2004-12-30 | Eric Nace | System and method for interprocess communication |
US20050044551A1 (en) * | 2003-08-19 | 2005-02-24 | Sodhi Ajit S. | System and method for shared memory based IPC queue template having event based notification |
Also Published As
Publication number | Publication date |
---|---|
CN101414339A (zh) | 2009-04-22 |
HK1127415A1 (en) | 2009-09-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101414339B (zh) | 保护进程内存及确保驱动程序加载的安全性的方法 | |
JP6346632B2 (ja) | モバイルデバイスでの悪質なファイルを検出するシステム及び方法 | |
US9596257B2 (en) | Detection and prevention of installation of malicious mobile applications | |
EP3123311B1 (en) | Malicious code protection for computer systems based on process modification | |
US7665139B1 (en) | Method and apparatus to detect and prevent malicious changes to tokens | |
US7779472B1 (en) | Application behavior based malware detection | |
CN106682497B (zh) | 在管理程序模式下安全执行代码的系统和方法 | |
US8127360B1 (en) | Method and apparatus for detecting leakage of sensitive information | |
CN100481102C (zh) | 用于对处理器指令的快速解密的方法、装置和系统 | |
US8195953B1 (en) | Computer program with built-in malware protection | |
CN107066311B (zh) | 一种内核数据访问控制方法与系统 | |
JP5265061B1 (ja) | 悪意のあるファイル検査装置及び方法 | |
CN106257481A (zh) | 用于恢复修改的数据的系统和方法 | |
US8578477B1 (en) | Secure computer system integrity check | |
US9659173B2 (en) | Method for detecting a malware | |
US7607173B1 (en) | Method and apparatus for preventing rootkit installation | |
CN103620613A (zh) | 用于基于虚拟机监视器的反恶意软件安全的系统和方法 | |
CN102737188A (zh) | 检测恶意网页的方法及装置 | |
US9338012B1 (en) | Systems and methods for identifying code signing certificate misuse | |
CN113569244B (zh) | 一种基于处理器跟踪的内存恶意代码检测方法 | |
KR20070118074A (ko) | 외래 코드 검출을 위한 시스템 및 방법 | |
CN104680084A (zh) | 计算机中保护用户隐私的方法和系统 | |
CN102110213A (zh) | 检测计算机系统内隐藏的对象 | |
US20190294760A1 (en) | Protecting an application via an intra-application firewall | |
CN104361280A (zh) | 一种通过smi中断实现对usb存储设备进行可信认证的方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1127415 Country of ref document: HK |
|
ASS | Succession or assignment of patent right |
Owner name: BEIJING RISING INTERNATIONAL TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: BEIJING RISING INTERNATIONAL SOFTWARE CO., LTD. Effective date: 20100413 |
|
C41 | Transfer of patent application or patent right or utility model | ||
COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 100080 ROOM 1305, ZHONGKE BUILDING, NO.22, ZHONGGUANCUN AVENUE, BEIJING CITY TO: 100190 ROOM 1301, ZHONGKE BUILDING, NO.22, ZHONGGUANCUN AVENUE, HAIDIAN DISTRICT, BEIJING CITY |
|
TA01 | Transfer of patent application right |
Effective date of registration: 20100413 Address after: 100190 Beijing City, Haidian District Zhongguancun Street Branch No. 22 building, room 1301 Applicant after: Beijing Rising Information Technology Co., Ltd. Address before: 100080, room 1305, Zhongke building, 22 Zhongguancun street, Beijing Applicant before: Beijing Rising International Software Co., Ltd. |
|
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: GR Ref document number: 1127415 Country of ref document: HK |
|
C56 | Change in the name or address of the patentee | ||
CP01 | Change in the name or title of a patent holder |
Address after: 100190 Beijing City, Haidian District Zhongguancun Street Branch No. 22 building, room 1301 Patentee after: Beijing Rising Information Technology Co., Ltd Address before: 100190 Beijing City, Haidian District Zhongguancun Street Branch No. 22 building, room 1301 Patentee before: Beijing Rising Information Technology Co., Ltd. |
|
CP01 | Change in the name or title of a patent holder | ||
CP01 | Change in the name or title of a patent holder |
Address after: 100190 Beijing City, Haidian District Zhongguancun Street Branch No. 22 building, room 1301 Patentee after: Beijing net an Technology Limited by Share Ltd Address before: 100190 Beijing City, Haidian District Zhongguancun Street Branch No. 22 building, room 1301 Patentee before: Beijing Rising Information Technology Co., Ltd |