CN106325457A - Shutdown monitoring system - Google Patents
Shutdown monitoring system Download PDFInfo
- Publication number
- CN106325457A CN106325457A CN201610715589.2A CN201610715589A CN106325457A CN 106325457 A CN106325457 A CN 106325457A CN 201610715589 A CN201610715589 A CN 201610715589A CN 106325457 A CN106325457 A CN 106325457A
- Authority
- CN
- China
- Prior art keywords
- shutdown
- unit
- exe
- data
- monitoring system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F1/00—Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
- G06F1/26—Power supply means, e.g. regulation thereof
- G06F1/28—Supervision thereof, e.g. detecting power-supply failure by out of limits supervision
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/4401—Bootstrapping
- G06F9/442—Shutdown
Abstract
The invention discloses a shutdown monitoring system. The shutdown monitoring system comprises a HOOK interface, an interception unit, a sharing unit and a pushing unit, wherein the HOOK interface is used for accessing Winlogon.EXE in a HOOK mode for being connected with a communication link with CSRSS. EXE; the interception unit is used for intercepting a shutdown API (Application Program Interface) function transmitted to the CSRSS. EXE by the Winlogon.EXE after the communication link is accessed; the sharing unit is used for performing sharing setting on intercepted data; the pushing unit is used for pushing a shutdown protecting signal for a key application after a shutdown signal existing in the intercepted data is detected. The system can automatically push a shutdown notification for key components needing to be subjected to shutdown protection in advance according to a shutdown instruction. The key components finish the shutdown protection in time after receiving the shutdown notification, and in particular protect important data such as core data and setting parameters in respective component databases in time, so that heavy loss is avoided. Meanwhile, the security of user permission data is also improved, and outside intrusion due to unfinished shutdown is avoided.
Description
Technical field
The present invention relates to a kind of shutdown monitoring system, particularly relate to a kind of shutdown monitoring system for financial terminal.
Background technology
Conventional financial terminal has ATM, STM, CRS etc., the shutdown of these equipment all variable intervals and available machine time.Shutdown
Time arbitrary run program system can be sent off signal, its shutdown process as it is shown in figure 1, user initiate shutdown
After instruction, the program initiating shutdown command is notified that Windows subsystem CSRSS.EXE, after CSRSS.EXE is notified
A data exchange can be done with Winlogon.EXE, then be begun to shut off system by Winlogon.EXE notice CSRSS.EXE
Flow process.After sending shutdown command, Partial key parts are likely not to have and complete shutdown protection in time and cause financial terminal
Loss of data or error in data, the data accounting directly affecting financial company causes massive losses.
Summary of the invention
In order to solve above-mentioned technical problem, present invention aim at providing a kind of shutdown monitoring system.
A kind of shutdown monitoring system of the present invention, it is characterised in that including:
HOOK interface, is connected for being accessed the communication link of Winlogon.EXE with CSRSS.EXE by HOOK mode;
Interception unit, intercepts Winlogon.EXE after incoming communication link and is sent to the shutdown api function of CSRSS.EXE;
The data intercepted are carried out sharing setting by shared cell;
Push unit, after having off signal, pushes shutdown protection signal in data interception being detected to key application.
A kind of shutdown monitoring system of the present invention, has an advantage in that, system can automatically according to shutdown command in advance
To so needing the critical component doing shutdown protection to push shutdown notice.Critical component completes shutdown after receiving shutdown notice in time
Protection, particularly to the core data in respective parts data storehouse, the significant datas such as parameter be set protect timely, it is to avoid
Heavy losses.Also improve the safety of user right data, it is to avoid shutdown does not complete and invaded by the external world simultaneously.
Described interception unit uses dll file to carry out dynamic interception shutdown api function.
Described system also includes: timing unit, for detecting whether the unused time exceedes the threshold value of setting;Force single
Unit, for sending forced shutdown control signal after the unused time exceedes threshold value to financial terminal.
Described system also includes: injection unit, after starting shooting at financial terminal, shutdown monitoring system is forced registration
In the service of Windows operating system.
Described injection unit actively accesses shared cell after registration completes and checks off signal.
Accompanying drawing explanation
Fig. 1 is prior art shutdown process schematic diagram.
Fig. 2 is the structural representation of system of the present invention.
Fig. 3 is the shutdown process schematic diagram of system of the present invention.
Detailed description of the invention
According to Fig. 2, a kind of shutdown monitoring system of the present invention, including HOOK interface, for by HOOK side
Formula accesses the communication link of Winlogon.EXE with CSRSS.EXE and is connected;Interception unit, intercepts after incoming communication link
Winlogon.EXE is sent to the shutdown api function of CSRSS.EXE;The data intercepted are carried out sharing setting by shared cell;
Push unit, after having off signal, pushes shutdown protection signal in data interception being detected to key application.
Owing to native system is that the communication information intercepting two critical processes carries out closing machine monitoring, therefore to ensure whole
The stable operation of windows operating system.Shared cell is set the data intercepted are done shared setting, can be to data interception
The communication integrity of associated process is not interfered with while carrying out screening inspection.System can automatically according to shutdown command in advance
To so needing the critical component doing shutdown protection to push shutdown notice.Critical component completes shutdown after receiving shutdown notice in time
Protection, particularly to the core data in respective parts data storehouse, the significant datas such as parameter be set protect timely, it is to avoid
Heavy losses.Also improve the safety of user right data, it is to avoid shutdown does not complete and invaded by the external world simultaneously.
Wherein interception unit can use dll file to carry out dynamic interception, uses HOOK technology to carry out the clasp joint of DLL, can
To easily facilitate maintenance and incoming communication link, also system stability will not be impacted.
Avoid shutdown when occur stuck and cause other economic losses, also set up timing unit in a system of the invention
With pressure unit.Timing unit, for detecting whether the unused time exceedes the threshold value of setting;Force unit, for when shutdown
Between exceed threshold value after financial terminal sent forced shutdown control signal.
Can monitor off signal for monitoring system of shutting down, the Service Management using Windows will simultaneously every time
Shutdown monitoring system is registered in service, so can accomplish that shutdown monitoring system will actively be beaten system start-up when
Open.I.e. increase and injection unit is set, force shutdown monitoring system to be registered to Windows operation after starting shooting at financial terminal
In the service of system.
But shutdown monitoring system may cause starting unsuccessfully because of system reason when service starts, and spy has added self-starting merit
Energy.So can accomplish to monitor off signal every time.I.e. injection unit actively accesses after registration completes and shares list
Unit checks off signal.
For a person skilled in the art, can technical scheme as described above and design, make other each
Plant corresponding change and deformation, and all these change and deformation all should belong to the protection model of the claims in the present invention
Within enclosing.
Claims (5)
1. a shutdown monitoring system, it is characterised in that including:
HOOK interface, is connected for being accessed the communication link of Winlogon.EXE with CSRSS.EXE by HOOK mode;
Interception unit, intercepts Winlogon.EXE after incoming communication link and is sent to the shutdown api function of CSRSS.EXE;
The data intercepted are carried out sharing setting by shared cell;
Push unit, after having off signal, pushes shutdown protection signal in data interception being detected to key application.
System the most according to claim 1, it is characterised in that described interception unit uses dll file dynamically to block
Cut shutdown api function.
System the most according to claim 1, it is characterised in that also include: timing unit, is used for whether detecting the unused time
Exceed the threshold value of setting;Forcing unit, controlling letter for financial terminal being sent forced shutdown after the unused time exceedes threshold value
Number.
System the most according to claim 1, it is characterised in that also include: injection unit, after starting shooting at financial terminal
Force to be registered in the service of Windows operating system by shutdown monitoring system.
System the most according to claim 4, it is characterised in that described injection unit actively accesses altogether after registration completes
Enjoy unit and check off signal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610715589.2A CN106325457A (en) | 2016-08-25 | 2016-08-25 | Shutdown monitoring system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610715589.2A CN106325457A (en) | 2016-08-25 | 2016-08-25 | Shutdown monitoring system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106325457A true CN106325457A (en) | 2017-01-11 |
Family
ID=57790182
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610715589.2A Pending CN106325457A (en) | 2016-08-25 | 2016-08-25 | Shutdown monitoring system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106325457A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109669728A (en) * | 2018-12-14 | 2019-04-23 | 深圳市中科亿信技术有限公司 | The software closedown method and device of vxworks operating system |
CN110134460A (en) * | 2019-05-17 | 2019-08-16 | 联想(北京)有限公司 | System control method, controller, processor and computer-readable medium |
CN114327010A (en) * | 2021-12-28 | 2022-04-12 | 杭州雾联科技有限公司 | System control method, device and medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1369778A (en) * | 2001-02-15 | 2002-09-18 | 英业达股份有限公司 | High-safety shtdown method for protecting Window 9X system |
US20050015395A1 (en) * | 2003-07-14 | 2005-01-20 | Canon Kabushiki Kaisha | User interface control apparatus and method thereof |
CN102750477A (en) * | 2012-06-11 | 2012-10-24 | 腾讯科技(深圳)有限公司 | Method and system for controlling closing of terminal |
-
2016
- 2016-08-25 CN CN201610715589.2A patent/CN106325457A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1369778A (en) * | 2001-02-15 | 2002-09-18 | 英业达股份有限公司 | High-safety shtdown method for protecting Window 9X system |
US20050015395A1 (en) * | 2003-07-14 | 2005-01-20 | Canon Kabushiki Kaisha | User interface control apparatus and method thereof |
CN102750477A (en) * | 2012-06-11 | 2012-10-24 | 腾讯科技(深圳)有限公司 | Method and system for controlling closing of terminal |
Non-Patent Citations (1)
Title |
---|
NIELSPROVOS等: "《虚拟蜜罐 从僵尸网络追踪到入侵检测》", 31 January 2011 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109669728A (en) * | 2018-12-14 | 2019-04-23 | 深圳市中科亿信技术有限公司 | The software closedown method and device of vxworks operating system |
CN109669728B (en) * | 2018-12-14 | 2022-04-05 | 深圳市中科亿信技术有限公司 | Software shutdown method and device for VxWorks operating system |
CN110134460A (en) * | 2019-05-17 | 2019-08-16 | 联想(北京)有限公司 | System control method, controller, processor and computer-readable medium |
CN114327010A (en) * | 2021-12-28 | 2022-04-12 | 杭州雾联科技有限公司 | System control method, device and medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109361517A (en) | A kind of virtualization cloud cipher machine system and its implementation based on cloud computing | |
CN103441926B (en) | Security gateway system of numerically-controllmachine machine tool network | |
CN104299300B (en) | The unblanking and close locking method of safety intelligent lock system based on NFC | |
CN106325457A (en) | Shutdown monitoring system | |
CN104282062A (en) | Locking and unlocking method based on safe and intelligent lock system | |
CN103530559A (en) | Integrity protection system of Android system | |
CN111669371B (en) | Network attack restoration system and method suitable for power network | |
CN106326736A (en) | Data processing method and system | |
CN104135483A (en) | Automatic configuration management system for network security | |
CN103927477B (en) | A kind of safe mainboard and its application process | |
Papa et al. | Availability based risk analysis for SCADA embedded computer systems | |
CN106789156A (en) | A kind of industry control network method of testing, apparatus and system | |
CN109785537A (en) | A kind of safety protecting method and device of ATM machine | |
AU2019255300B2 (en) | Anti-virus device for industrial control systems | |
CN103942503B (en) | Safe state switching system and switching method | |
Zheng et al. | Design of automated security assessment framework for mobile applications | |
CN205405523U (en) | Fall information secure computer that electric self preservation protected | |
CN109614819A (en) | A method of database security is improved using plug-in unit | |
CN101820438B (en) | Computer starting method in local area network (LAN) and LAN | |
CN101894233B (en) | Trusted reconfigurable device and using method thereof | |
CN204833287U (en) | Information secure computer | |
Li et al. | Overview of Security Protection for PIoT | |
Ru et al. | Brief Technical Analysis of Malicious Cyber Attacks in Power System | |
CN107578517A (en) | High-level security access control system and system | |
CN203233445U (en) | High security internal network information safety system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170111 |