CN104915598A - Monitoring method and monitoring system for C/S client side - Google Patents

Monitoring method and monitoring system for C/S client side Download PDF

Info

Publication number
CN104915598A
CN104915598A CN201510291017.1A CN201510291017A CN104915598A CN 104915598 A CN104915598 A CN 104915598A CN 201510291017 A CN201510291017 A CN 201510291017A CN 104915598 A CN104915598 A CN 104915598A
Authority
CN
China
Prior art keywords
module
service
client
exe
operating system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510291017.1A
Other languages
Chinese (zh)
Other versions
CN104915598B (en
Inventor
姚永雷
郑钰辉
郭萍
梅永
顾文亚
孟祥瑞
朱节中
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Ennett Intelligent Technology Co.,Ltd.
Original Assignee
Nanjing University of Information Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing University of Information Science and Technology filed Critical Nanjing University of Information Science and Technology
Priority to CN201510291017.1A priority Critical patent/CN104915598B/en
Publication of CN104915598A publication Critical patent/CN104915598A/en
Application granted granted Critical
Publication of CN104915598B publication Critical patent/CN104915598B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Stored Programmes (AREA)

Abstract

The invention discloses a monitoring method and a monitoring system for a C/S client side. The monitoring system comprises an automatic service operation module, a self-protection module, a client side application program monitoring module, a client side backup file monitoring module, an automatic client side repairing module, a client side application program network repairing module, an automatic system upgrading module, an automatic operation system identifying module, a system service module and a drive service module, wherein a system service (service.exe) module in the system service module is used for monitoring the client side degree and the programs of the system; a kernelkey.sys module in the drive service module is used for monitoring the service.exe module. The monitoring method and the monitoring system for the C/S client side can be used for preventing the programs of the client side from being tampered unintentionally or maliciously and enabling the programs to run normally and orderly.

Description

A kind of method for supervising of C/S client and supervisory system
Technical field
The present invention gives a kind of method for supervising being applicable to C/S client, belong to computer realm.
Background technology
At Windows environment, in the application system of C/S model, the program of client is arranged on open (system is not protected) terminal, and the security of itself is the problem that exploitation and maintainer will pay attention to.How to prevent the program of client to be not intended to or malice is distorted, make operation that program can be normally orderly be a problem of C/S model system maintenance.
Summary of the invention
Goal of the invention: in order to overcome the deficiencies in the prior art, the present invention proposes a kind of C/S client control method, the program of client can be prevented to be not intended to or malice change.
Technical scheme: for achieving the above object, the technical solution used in the present invention is: a kind of C/S client control method, comprises the following steps:
Step one, starts the operating system, and identifies this OS Type;
Step 2, enters operating system schema and selects, and selects to enter safe mode or normal mode;
Step 3, according to type and the pattern class entered of operating system, select whether load driver serves kernelkey.sys, described driving service kernelkey.sys is used for supervisory system service service.exe;
Step 4, is used for according to the service of the load condition loading system of step 3 service.exe, described system service service.exe the monitoring that performs client and native system program;
Step 5, by the monitoring situation of system service service.exe, determines whether client and native system program repair; By driving service kernelkey.sys to the monitoring situation of system service service.exe, determine the control desk input equipment shutting down or do not open computing machine by force.
Preferred: described driving service kernelkey.sys and system service service.exe interlocks.
Preferred: to have reinstated another thread in system service service.exe, this thread is as the interface of system upgrade.
Preferred: in step 2, by rewriting corresponding registry key, do not allow user enter DOS pattern.
A kind of C/S client control system; comprise service automatically run module, self-protection module, client application monitoring module, client backup file monitoring module, client automatic repairing module, client application network restoration module, system auto-update module, the automatic identification module of operating system, system service module and drive service module, wherein:
The automatic identification module of operating system is used for automatic identifying operation system, and the operation system information after identifying is fed back to service and automatically runs module;
Service automatically runs module and is used for making native system automatically run as service after powering according to the operation system information identified, and normally runs with operating system in the secure mode, and service simultaneously can not be stopped by user;
Described system service module is embedded with service.exe module, and this service.exe module is used for monitor client and native system;
Described driving service module is embedded with kernelkey.sys module, and described kernelkey.sys module for monitoring service.exe module, and determines according to monitoring situation the control desk input equipment shutting down or do not open computing machine by force;
Whether self-protection module is used for being tampered by system service module check native system, if be tampered, then reboot operation system carries out self-regeneration by force;
Client application monitoring module is used for by system service module when os starting, monitor client application program, and checks whether and be tampered, if distort, calls client backup file monitoring module;
Client backup file monitoring module is used for by client backup file in system service module monitors operating system, checks whether and is tampered; If distort, call client application network restoration module;
Client automatic repairing module is used for the call instruction according to client application monitoring module, detects in operating system whether have stand-by program, if any, then carry out repairing client with backup file; As nothing then calls client application network restoration module;
The call instruction of client application network restoration module according to client backup file monitoring module or the call instruction of client automatic repairing module, by the time when operating system can connect C/S system installation and maintenance server, designated program bag is downloaded to specified URL, termination client is run, and Auto-mounting performs, and repairs;
Whether system auto-update module has renewal version for detecting native system, upgrades version if had, to the on-line automatic upgrading of native system specified URL.
Preferred: described kernelkey.sys module and service.exe interlocking modules, be provided with a thread in described service.exe module, for the interface of native system upgrading simultaneously.
Preferred: also to comprise Install module, described Install module is passed through the resource of native system as oneself, according to the operation system information that the automatic identification module of operating system identifies, and the program that Auto-mounting is corresponding with operating system.
Preferred: described client application monitoring module, client backup file monitoring module service.exe module run start time by calling function in XX.DLL wherein to client inspection, and to recover.
Preferred: the operating system that the automatic identification module of described operating system can identify has WinNT operating system, Win2k operating system and Win9X operating system; The automatic identification module of described operating system identify operating system be WinNT operating system or Win2k operating system time, described service automatically run module by registration table " HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Control SafeBoot Minimal Service " write corresponding service value service.exe module run in the secure mode automatically; The automatic identification module of described operating system identifies operating system when being Win9X operating system, described service runs module automatically by write [boot] shell=explorer service.exe value in the system.ini file in registration table, service.exe module is run in the secure mode automatically, simultaneously by rewriting corresponding registry entry, user is not allowed to enter DOS pattern.
Preferred: the automatic identification module of described operating system identifies operating system when being Win9X operating system, and whether [boot] shell=explorer service.exe value that described service.exe module only need be monitored in system.ini file is modified.
Beneficial effect: a kind of C/S client control method provided by the invention and supervisory system thereof, compared to existing technology, have following beneficial effect:
Owing to being carried out the monitoring to client and native system program by system service service.exe, by driving service kernelkey.sys (kernelkey.sys module) to the monitoring of system service service.exe (service.exe module), make native system self can monitor oneself, reach and itself can not to be tampered and itself can normally run, and adopt system service service.exe and system service service.exe to monitor, it is run operating system impact very little, under Windows system controlled environment, the safety of client-side program monitoring recovery routine can be ensured.Therefore, the present invention can prevent the program of C/S client to be not intended to or malice change, makes the operation that program can be normally orderly.
Accompanying drawing explanation
Shown in Fig. 1 is the overall design embodiment flow process of the present invention under WinNT system;
Shown in Fig. 2 is the overall design embodiment flow process of the present invention under Win2K system;
Shown in Fig. 3 is the overall design embodiment flow process of the present invention under Win9X system.
Embodiment
Below in conjunction with accompanying drawing, the present invention is further described.
Client-side program monitoring recovery system is a program independent of client-side program being used for monitoring and recovering client-side program.According to the analysis to Windows systems operational mechanism, client-side program monitoring recovery routine is wanted to monitor and is recovered client application, and prerequisite is: itself can not be tampered; Itself want normally to run; And its operation is very little to systematic influence.
A kind of C/S client control method, as shown in Figure 1, comprises the following steps:
Step one, starts the operating system, and identifies this OS Type;
Step 2, enters operating system schema and selects, and selects to enter safe mode or normal mode;
Step 3, according to type and the pattern class entered of operating system, select whether load driver serves kernelkey.sys, described driving service kernelkey.sys is used for supervisory system service service.exe;
Step 4, is used for according to the service of the load condition loading system of step 3 service.exe, described system service service.exe the monitoring that performs client and native system program;
Step 5, by the monitoring situation of system service service.exe, determines whether client and native system program repair; By driving service kernelkey.sys to the monitoring situation of system service service.exe, determine the control desk input equipment shutting down or do not open computing machine by force.
Described driving service kernelkey.sys and system service service.exe interlocks.
Reinstated another thread in system service service.exe, this thread is as the interface of system upgrade.
In step 2, by rewriting corresponding registry key, user is not allowed to enter DOS pattern.
A kind of C/S client control system; comprise service automatically run module, self-protection module, client application monitoring module, client backup file monitoring module, client automatic repairing module, client application network restoration module, system auto-update module, the automatic identification module of operating system, system service module and drive service module, wherein:
The automatic identification module of operating system is used for automatic identifying operation system, and the operation system information after identifying is fed back to service and automatically runs module;
Service automatically runs module and is used for making native system automatically run as service after powering according to the operation system information identified, and normally runs with operating system in the secure mode, and service simultaneously can not be stopped by user;
Described system service module is embedded with service.exe module, and this service.exe module is used for monitor client and native system;
Described driving service module is embedded with kernelkey.sys module, and described kernelkey.sys module for monitoring service.exe module, and determines according to monitoring situation the control desk input equipment shutting down or do not open computing machine by force;
Whether self-protection module is used for being tampered (comprising program file, registration table) by system service module check native system, if be tampered, then reboot operation system carries out self-regeneration by force;
Client application monitoring module is used for by system service module when os starting, monitor client application program, and check and (comprise program file, whether normal in registration table, routine library etc.) whether be tampered, if distort, call client backup file monitoring module;
Client backup file monitoring module is used for by client backup file in system service module monitors operating system, checks whether and is tampered; If distort, call client application network restoration module;
Client automatic repairing module is used for the call instruction according to client application monitoring module, detects in operating system whether have stand-by program, if any, then carry out repairing client with backup file; As nothing then calls client application network restoration module;
The call instruction of client application network restoration module according to client backup file monitoring module or the call instruction of client automatic repairing module, by the time when operating system can connect C/S system installation and maintenance server, designated program bag is downloaded to specified URL, termination client is run, and Auto-mounting performs, and repairs;
Whether system auto-update module has renewal version for detecting native system, upgrades version if had, to the on-line automatic upgrading of native system specified URL.Require to support URL redirection function.
Described kernelkey.sys module and service.exe interlocking modules, be provided with a thread in described service.exe module, for the interface of native system upgrading simultaneously.
Also comprise Install module, described Install module is passed through the resource of native system as oneself, according to the operation system information that the automatic identification module of operating system identifies, and the program that Auto-mounting is corresponding with operating system.
Described client application monitoring module, client backup file monitoring module service.exe module run start time by calling function in XX.DLL wherein to client inspection, and to recover.
The operating system that the automatic identification module of described operating system can identify has WinNT operating system, Win2k operating system and Win9X operating system; The automatic identification module of described operating system identify operating system be WinNT operating system or Win2k operating system time, described service automatically run module by registration table " HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Control SafeBoot Minimal Servi ce " write corresponding service value service.exe module run in the secure mode automatically; The automatic identification module of described operating system identifies operating system when being Win9X operating system, described service runs module automatically by write [boot] shell=explorer service.exe value in the system.ini file in registration table, service.exe module is run in the secure mode automatically, simultaneously by rewriting corresponding registry entry, user is not allowed to enter DOS pattern.
The automatic identification module of described operating system identifies operating system when being Win9X operating system, and whether [boot] shell=explorer service.exe value that described service.exe module only need be monitored in system.ini file is modified.
In Windows system environments, client-side program monitoring recovery routine adopts the system service in Windows system to realize being best scheme, under Windows system controlled environment, can ensure the safety of client-side program monitoring recovery routine.For this reason, present embodiment have employed following translation and compiling environment:
Operating system: Windows Server 2003 SP1
Developing instrument: VC++8.0 (Microsoft Visual Studio.net 2005);
Windows drives kit 2003 sp1 DDK;
Develop help: MSDN Library for Visual Studio 2005.
Below respectively with WinNT, Win2K, Win9X for the overall design of client control system of the present invention is introduced in representative.
As shown in Figure 1, when the present invention is applied under WinNT system, first Dietary behavior preference pattern, makes client select to enter " normal mode " or " safe mode ".After model selection, load driver service KernelKey.sys, loads the service.exe of NT service afterwards, restarts supervisory system and enter monitor service.
In this embodiment, the monitoring of client application and the monitoring of system program have come primarily of service.exe process.Monitor client application program, is when service.exe starts by calling the function inspection in XX.DLL, and recovers.
The monitoring of native system program, mainly contains two aspects:
1. monitor registration table, reinstated a thread monitor registration table, if there is amendment, so just recover.Do not monitor during system upgrade.
2. monitor file, open corresponding file when service.exe process initiation, do not allow amendment, close during system upgrade.
Because system service process can also occur in task manager in WinNT system, and can be deleted, therefore utilize kernelkey.sys service to monitor service.exe service, if service.exe process is deleted, then system is shut down by force, and user can not carry out work again.Kernelkey.sys service interlocks with service.exe service.
Kernelkey.sys is that device service does not occur in task manager, can not be deleted.If service.exe can not be run, so kernelkey.sys is by the control desk input equipment of not open computing machine, and the computing machine made can not be controlled, and can only restart, protect like this.
Service.exe is General System service, do not start in the secure mode under normal circumstances, if but in registration table " HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Control SafeBoot Minimal Service " write corresponding service value, so service just can automatically run in the secure mode.
Another thread has been reinstated, for conversating with other program in service.exe.The namely system interface of later upgrading.
About the upgrade job of monitor client application program and native system, having left corresponding interface in a program, when service.exe starts by calling the function in XX.DLL, having started thread, the download upgrading of system can here be done.
In the Win2K system shown in Fig. 2, the monitoring of client application and the monitoring of native system program have come primarily of service.exe process.
Monitor client application program, is when service.exe starts by calling the function inspection in XX.DLL, and recovers.
The monitoring of native system program, mainly contains two aspects:
1. monitor registration table, reinstated a thread monitor registration table, if there is amendment, so just recover.Do not monitor during system upgrade.
2. monitor file, open corresponding file when service.exe process initiation, do not allow amendment, close during system upgrade.
Because system service process can also occur in task manager in WinNT system, and can be deleted, therefore utilize kernelkey.sys service to monitor service.exe service, if service.exe process is deleted, then system is shut down by force, and user can not carry out work again.Kernelkey.sys service interlocks with service.exe service.
Kernelkey.sys is that device service does not occur in task manager, can not be deleted.If service.ex e can not be run so, kernelkey.sys is by the control desk input equipment of not open computing machine, and the computing machine made can not be controlled, and can only restart, protect like this.
Service.exe is General System service, do not start in the secure mode under normal circumstances, if but in registration table " HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Control SafeBoot Minimal Service " write corresponding service value, so service just can automatically run in the secure mode.
Another thread has been reinstated, for conversating with other program in service.exe.The namely system interface of later upgrading.
About the upgrade job of monitor client application program and native system, having left corresponding interface in a program, when service.exe starts by calling the function in XX.DLL, having started thread, the download upgrading of system can here be done.
The present invention is configured in example flow in Win9X system as shown in Figure 3.The monitoring of client application and the monitoring of native system program have come primarily of service.exe process.
Monitor client application program, is when service.exe starts by calling the function inspection in XX.DLL, and recovers.
The monitoring of native system program, mainly contains two aspects:
1. monitor registration table, reinstated a thread monitor registration table, if there is amendment, so just recover.Do not monitor during system upgrade.
2. monitor file, open corresponding file when service.exe process initiation, do not allow amendment, close during system upgrade.
Service.exe is General System service, does not start in the secure mode under normal circumstances, if but in registration table
In system.ini file, write [boot] shell=explorer service.exe value, so service just can run in the secure mode automatically.
By rewriting corresponding registry entry, user is not allowed to enter DOS pattern.
Because system service process does not occur in task manager in Win9X system, can not be deleted, therefore itself is not monitored.As long as [boot] shell=explorer service.exe value in monitoring system.ini file is not modified.
Another thread has been reinstated, for conversating with other program in service.exe.The namely system interface of later upgrading.
About the upgrade job of monitor client application program and native system, having left corresponding interface in a program, when service.exe starts by calling the function in XX.DLL, having started thread, the download upgrading of system can here be done.
The above is only the preferred embodiment of the present invention; be noted that for those skilled in the art; under the premise without departing from the principles of the invention, can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.

Claims (10)

1. a C/S client control method, is characterized in that, comprises the following steps:
Step one, starts the operating system, and identifies this OS Type;
Step 2, enters operating system schema and selects, and selects to enter safe mode or normal mode;
Step 3, according to type and the pattern class entered of operating system, select whether load driver serves kernelkey.sys, described driving service kernelkey.sys is used for supervisory system service service.exe;
Step 4, is used for according to the service of the load condition loading system of step 3 service.exe, described system service service.exe the monitoring that performs client and native system program;
Step 5, by the monitoring situation of system service service.exe, determines whether client and native system program repair; By driving service kernelkey.sys to the monitoring situation of system service service.exe, determine the control desk input equipment shutting down or do not open computing machine by force.
2. C/S client control method according to claim 1, is characterized in that: described driving service kernelkey.sys and system service service.exe interlocks.
3. C/S client control method according to claim 2, it is characterized in that: reinstated another thread in system service service.exe, this thread is as the interface of system upgrade.
4. C/S client control method according to claim 1, is characterized in that: in step 2, by rewriting corresponding registry key, does not allow user enter DOS pattern.
5. one kind based on C/S client control system according to claim 1; it is characterized in that: comprise service and automatically run module, self-protection module, client application monitoring module, client backup file monitoring module, client automatic repairing module, client application network restoration module, system auto-update module, the automatic identification module of operating system, system service module and drive service module, wherein:
The automatic identification module of operating system is used for automatic identifying operation system, and the operation system information after identifying is fed back to service and automatically runs module;
Service automatically runs module and is used for making native system automatically run as service after powering according to the operation system information identified, and normally runs with operating system in the secure mode, and service simultaneously can not be stopped by user;
Described system service module is embedded with service.exe module, and this service.exe module is used for monitor client and native system;
Described driving service module is embedded with kernelkey.sys module, and described kernelkey.sys module for monitoring service.exe module, and determines according to monitoring situation the control desk input equipment shutting down or do not open computing machine by force;
Whether self-protection module is used for being tampered by system service module check native system, if be tampered, then reboot operation system carries out self-regeneration by force;
Client application monitoring module is used for by system service module when os starting, monitor client application program, and checks whether and be tampered, if distort, calls client backup file monitoring module;
Client backup file monitoring module is used for by client backup file in system service module monitors operating system, checks whether and is tampered; If distort, call client application network restoration module;
Client automatic repairing module is used for the call instruction according to client application monitoring module, detects in operating system whether have stand-by program, if any, then carry out repairing client with backup file; As nothing then calls client application network restoration module;
The call instruction of client application network restoration module according to client backup file monitoring module or the call instruction of client automatic repairing module, by the time when operating system can connect C/S system installation and maintenance server, designated program bag is downloaded to specified URL, termination client is run, and Auto-mounting performs, and repairs;
Whether system auto-update module has renewal version for detecting native system, upgrades version if had, to the on-line automatic upgrading of native system specified URL.
6. C/S client control system according to claim 5, is characterized in that: described kernelkey.sys module and service.exe interlocking modules, is provided with a thread, for the interface of native system upgrading in described service.exe module simultaneously.
7. C/S client control system according to claim 5, it is characterized in that: also comprise Install module, described Install module is passed through the resource of native system as oneself, according to the operation system information that the automatic identification module of operating system identifies, the program that Auto-mounting is corresponding with operating system.
8. the C/S client control system according to claim 6 or 7, it is characterized in that: described client application monitoring module, client backup file monitoring module service.exe module run start time by calling function in XX.DLL wherein to client inspection, and to recover.
9. C/S client native system according to claim 8, is characterized in that: the operating system that the automatic identification module of described operating system can identify has WinNT operating system, Win2k operating system and Win9X operating system; Described operating system automatic identification module identify operating system be WinNT operating system or Win2k operating system time, described service runs module automatically by registration table
" HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Control SafeBoot Minimal Service " write corresponding service value service.exe module run in the secure mode automatically; The automatic identification module of described operating system identifies operating system when being Win9X operating system, described service runs module automatically by write [boot] shell=explorer service.exe value in the system.ini file in registration table, service.exe module is run in the secure mode automatically, simultaneously by rewriting corresponding registry entry, user is not allowed to enter DOS pattern.
10. C/S client control system according to claim 9, it is characterized in that: the automatic identification module of described operating system identifies operating system when being Win9X operating system, and whether [boot] shell=explorer service.exe value that described service.exe module only need be monitored in system.ini file is modified.
CN201510291017.1A 2015-05-29 2015-05-29 A kind of monitoring method and monitoring system of C/S clients Expired - Fee Related CN104915598B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510291017.1A CN104915598B (en) 2015-05-29 2015-05-29 A kind of monitoring method and monitoring system of C/S clients

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510291017.1A CN104915598B (en) 2015-05-29 2015-05-29 A kind of monitoring method and monitoring system of C/S clients

Publications (2)

Publication Number Publication Date
CN104915598A true CN104915598A (en) 2015-09-16
CN104915598B CN104915598B (en) 2017-10-10

Family

ID=54084659

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510291017.1A Expired - Fee Related CN104915598B (en) 2015-05-29 2015-05-29 A kind of monitoring method and monitoring system of C/S clients

Country Status (1)

Country Link
CN (1) CN104915598B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107710204A (en) * 2016-06-02 2018-02-16 谷歌公司 Client device application interaction monitors
CN109254797A (en) * 2018-08-15 2019-01-22 Oppo广东移动通信有限公司 Mobile terminal and its start-up control method, storage medium
CN110417771A (en) * 2019-07-25 2019-11-05 福建天晴在线互动科技有限公司 A method of interception Windows is automated by driving and is automatically updated

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1725703A (en) * 2005-06-03 2006-01-25 南京才华信息技术有限公司 Network behaviour management method and system
US7975017B1 (en) * 2008-02-27 2011-07-05 Parallels Holdings, Ltd. Method and system for remote device access in virtual environment
CN102546620A (en) * 2011-12-29 2012-07-04 郭俊莉 Information security control method, information security control device as well as client
CN103377068A (en) * 2012-04-13 2013-10-30 联想(北京)有限公司 Control method and electronic instrument

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1725703A (en) * 2005-06-03 2006-01-25 南京才华信息技术有限公司 Network behaviour management method and system
US7975017B1 (en) * 2008-02-27 2011-07-05 Parallels Holdings, Ltd. Method and system for remote device access in virtual environment
CN102546620A (en) * 2011-12-29 2012-07-04 郭俊莉 Information security control method, information security control device as well as client
CN103377068A (en) * 2012-04-13 2013-10-30 联想(北京)有限公司 Control method and electronic instrument

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107710204A (en) * 2016-06-02 2018-02-16 谷歌公司 Client device application interaction monitors
CN107710204B (en) * 2016-06-02 2021-09-21 谷歌有限责任公司 Client device application interaction monitoring
CN109254797A (en) * 2018-08-15 2019-01-22 Oppo广东移动通信有限公司 Mobile terminal and its start-up control method, storage medium
CN109254797B (en) * 2018-08-15 2022-01-14 Oppo广东移动通信有限公司 Mobile terminal, starting control method thereof and storage medium
CN110417771A (en) * 2019-07-25 2019-11-05 福建天晴在线互动科技有限公司 A method of interception Windows is automated by driving and is automatically updated
CN110417771B (en) * 2019-07-25 2021-07-09 福建天晴在线互动科技有限公司 Method for automatically intercepting Windows automatic update through driving

Also Published As

Publication number Publication date
CN104915598B (en) 2017-10-10

Similar Documents

Publication Publication Date Title
CN1118750C (en) Initializing and restarting operating systems
US7143275B2 (en) System firmware back-up using a BIOS-accessible pre-boot partition
EP2318929B1 (en) Application restore points
JP4872049B2 (en) Fail-safe computer assistance assistant
US20060020845A1 (en) Unattended BIOS recovery
CN104881314A (en) Method for installing driver and driver installation device
US20080155216A1 (en) Protection and Recovery System for Automatic Disk Recovery
CN102929716B (en) Method for starting multiple processes
EP3097477B1 (en) System firmware configuration data
US7370233B1 (en) Verification of desired end-state using a virtual machine environment
KR100952585B1 (en) Method and system for automatic recovery of an embedded operating system
EP2280348B1 (en) Method and system for saving operational state of running applications when unexpected shutdown events occur
CN104915598A (en) Monitoring method and monitoring system for C/S client side
US8176309B2 (en) Boot system has BIOS that reads rescue operating system from memory device via input/output chip based on detecting a temperature of a hard disk
CN103064705B (en) Computer system starting processing method and device
US8132047B2 (en) Restoring application upgrades using an application restore point
CN103019790B (en) Computer system power-on Acceleration of starting method and apparatus
CN104573417A (en) UEFI (Unified Extensible Firmware Interface)-based software whole-process protection system and UEFI-based software whole-process protection method
KR101100894B1 (en) error detection and recovery method of embedded System
CN115167883A (en) Operating system installation method, device, equipment and storage medium
KR20000063253A (en) Method of Self-Diagnosis and Self-Restoration of System Error and A Computer System Using The Same
CN1797337B (en) Method for installing software of computer automatically
CN113778756A (en) Fault recovery method, device, equipment and medium for BMC (baseboard management controller) firmware
CN114651240A (en) Security check
KR100861751B1 (en) Management system of multiple client pc at facilities using multiple client pc

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20190612

Address after: 210032 R&D Building No. 2 Lijing Road, Jiangbei New Area, Nanjing City, Jiangsu Province, 6 floors, Block A

Patentee after: Jiangsu Ennett Intelligent Technology Co.,Ltd.

Address before: 210044 Ning six road, Nanjing, Jiangsu Province, No. 219

Patentee before: Nanjing University of Information Science and Technology

TR01 Transfer of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20171010