CN107632936B - Stack protection method and device - Google Patents
Stack protection method and device Download PDFInfo
- Publication number
- CN107632936B CN107632936B CN201710868460.XA CN201710868460A CN107632936B CN 107632936 B CN107632936 B CN 107632936B CN 201710868460 A CN201710868460 A CN 201710868460A CN 107632936 B CN107632936 B CN 107632936B
- Authority
- CN
- China
- Prior art keywords
- stack
- thread
- stack area
- area
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Telephonic Communication Services (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a stack protection method and device. The method is applied to the network equipment and comprises the following steps: and executing a user thread function corresponding to the thread to obtain data information generated in the process of executing the user thread function. And dynamically writing the data information into a user thread stack area in a stack corresponding to a thread, wherein the stack comprises a stack protection area and the user thread stack area. Therefore, stack protection areas are arranged at two ends of a user thread stack area to limit the overflow range of the stack and the damage influence range of the stack after being attacked, so that the basic information of the thread is prevented from being damaged, and the process is prevented from being hung up and quit to cause equipment restart. And when the stack is detected to be attacked, an abnormal signal is triggered, and the basic information of the thread and the abnormal information of the stack which is attacked are collected, so that the condition of the thread is known, and the source of the abnormal problem is located and traced.
Description
Technical Field
The invention relates to the technical field of communication, in particular to a stack protection method and device.
Background
In the prior art, a stack protection mechanism mainly adopts a static detection prevention mechanism, and a static stack detection tool is operated in a network device for detection, so that the problem of stack overflow can be prevented. However, since the detection is based on the static state, the probability of finding the problem is low, and the range of detecting the problem is limited. Moreover, the mechanism can only detect the condition of stack overflow, and cannot protect the condition that the stack is attacked.
Disclosure of Invention
In order to overcome the above defects in the prior art, the present invention provides a stack protection method and apparatus, which can limit the overflow range of the stack and the damage influence range after the stack is attacked, avoid damaging the basic information of the thread, and prevent the restart of the device caused by the process hang-up exit.
A first objective of a preferred embodiment of the present invention is to provide a stack protection method, which is applied to a network device, and the method includes:
executing a user thread function corresponding to a thread, and acquiring data information generated in the process of executing the user thread function;
and dynamically writing the data information into a user thread stack area in a stack corresponding to a thread, wherein the stack comprises a stack protection area and the user thread stack area.
It is a second object of a preferred embodiment of the present invention to provide a stack protection apparatus, which is applied to a network device, and includes:
the data processing module is used for executing a user thread function corresponding to a thread and acquiring data information generated in the process of executing the user thread function;
and the data processing module is further used for dynamically writing the data information into a user thread stack area in a stack corresponding to a thread, wherein the stack comprises a stack protection area and the user thread stack area.
Compared with the prior art, the invention has the following beneficial effects:
the preferred embodiment of the invention provides a stack protection method and device. The method is applied to the network equipment and comprises the following steps: and executing a user thread function corresponding to the thread to obtain data information generated in the process of executing the user thread function. And dynamically writing the data information into a user thread stack area in a stack corresponding to a thread, wherein the stack comprises a stack protection area and the user thread stack area. The stack protection areas are arranged at the two ends of the user thread stack area to limit the overflow range of the stack and the damage influence range of the stack after being attacked, so that the basic information of the thread is prevented from being damaged, and the process is prevented from being hung up and quit to cause equipment restart.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
Fig. 1 is a flowchart illustrating steps of a stack protection method according to a first embodiment of the present invention.
Fig. 2 is a second flowchart illustrating steps of a stack protection method according to the first embodiment of the present invention.
FIG. 3 is a diagram of stack partitions processed by stack partitioning according to a first embodiment of the present invention.
Fig. 4 is a flowchart illustrating sub-steps of step S130 shown in fig. 2 according to a first embodiment of the present invention.
Fig. 5 is a third flowchart illustrating steps of a stack protection method according to the first embodiment of the present invention.
FIG. 6 is a flowchart illustrating a fourth step of the stack protection method according to the first embodiment of the present invention.
Fig. 7 is a functional block diagram of a stack protection device according to a second embodiment of the present invention.
Icon: 200-stack protection device; 210-a thread creation module; 220-stack processing module; 230-a data processing module; 240-a detection module; 250-exception handling module; 260-revocation module.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
Through the research of the inventor of the present application, at present, the protection mechanism of the stack further includes:
the runtime protection mechanism, C-library pthread (POSIX thread-POSIX thread, which is the POSIX standard of a thread), will default to allocate a stack protection area (guard) for each thread stack, so as to solve the problem of stack overflow and avoid that the stack of the current thread overflows and then destroys important information on the next thread stack. However, this approach only protects the case of stack overflow, and cannot protect against stack attacks. Moreover, when the stack is attacked, the operation of the thread is affected by the damage of the important information on the stack, so that the process in which the thread is located hangs up and exits, and the related information of the stack cannot be acquired to locate the tracing problem source.
In order to solve the above problems, the present invention provides a stack protection method and apparatus. The following embodiments are provided to specifically describe the stack protection method and apparatus provided by the present invention.
First embodiment
Referring to fig. 1, fig. 1 is a flowchart illustrating a stack protection method according to a first embodiment of the present invention. The method is applied to the network equipment. The specific flow of the stack protection method is described in detail below.
Step S140, executing the user thread function corresponding to the thread, and obtaining data information generated during the execution of the user thread function.
Step S150, dynamically writing the data information into a user thread stack area in a stack corresponding to the thread.
In this embodiment, the stack includes the user thread stack area and a stack protection area for limiting an overflow range of the stack and a damage influence range after the stack is attacked.
Referring to fig. 2, fig. 2 is a second flowchart illustrating a stack protection method according to a first embodiment of the invention. Before executing the step S140, the method further includes: step S110, step S120, and step S130.
In step S110, a thread is created.
In this embodiment, the network device creates threads for executing subtasks for a process, and configures a corresponding stack for each thread, so as to store data information related to the thread.
Step S120, dividing the stack corresponding to the thread into the stack protection area and the user thread stack area.
In this embodiment, after the thread is created, the network device executes a stack division operation to divide the stack corresponding to the thread into a user thread stack area, two stack protection areas, a signal stack area, and a basic stack area. Wherein the user thread stack area is located between the two stack protection areas.
In this embodiment, stack overflow and stack attack mainly occur in the user thread stack area, and the user thread stack area is disposed between the two stack protection areas, so that the overflow range of the stack can be restricted, and the damage influence range of the stack after attack is limited.
The above stack division operation is exemplified below. Referring to fig. 3, fig. 3 is a diagram of stack partitions processed by stack partitioning according to a first embodiment of the present invention.
In this embodiment, the network device may obtain an address corresponding to each stack in advance, and the network device may divide a stack area address range of each stack area according to the address corresponding to the stack. For example, assume that the address range corresponding to the current stack includes: 1-30, the number of stack protection zones is set to two. The network equipment divides addresses 1-5 into a basic stack area, divides addresses 6-10 into a signal stack area, divides addresses 11-15 into a first stack protection area, divides addresses 16-25 into a user thread stack area, and divides addresses 26-30 into a second stack protection area.
In this embodiment, the data stored in the basic stack area is first pushed; then, the data stored in the signal stack area is stacked; the data stored in the user thread stack area is pushed from the address 16; the first stack protection area and the second stack protection area can be respectively stored with local variables with larger address occupation, and the local variables can be endowed with null values.
Step S130, storing information related to the thread in the corresponding stack area.
Referring to fig. 4, fig. 4 is a flowchart illustrating sub-steps of step S130 shown in fig. 2 according to a first embodiment of the present invention. The step S130 includes: substep S131, substep S132, substep S133, and substep S134.
And a substep S131 of storing the basic parameter information of the thread in the basic stack area.
In this embodiment, the network device stores thread-related basic parameter information into a basic stack area, where the basic parameter information includes information related to creating a thread.
And a substep S132 of storing parameter information of the signal processing function in the signal stack area.
In this embodiment, the network device stores parameter information of the signal processing function in the signal stack area. Wherein the parameter information of the signal processing function includes variable data and the like related to executing the signal processing function.
In this embodiment, when performing process initialization operation, the network device configures a corresponding signal processing function for each process, where the signal processing function is used to process an exception signal triggered after a stack corresponding to each thread in the process is attacked.
And a substep S133 of setting an out-of-bounds flag for each stack protection zone.
In this embodiment, the network device may set an out-of-bounds flag for each stack protection area. The setting of the out-of-range flag may include, but is not limited to: setting a stack area address access type, setting an out-of-bounds identifier, and the like. For example, the access right type of the stack area address corresponding to the stack protection area is marked as read-only, and when it is detected that data in the user thread stack area is written into the stack protection area in an out-of-bounds manner, the data cannot be written because the access right type of the stack protection area is read-only, so that abnormal signals are triggered when the data in the user thread stack area is written in the out-of-bounds manner.
And a substep S134, storing the user thread function and the parameter information of the function in the user thread stack area.
In this embodiment, the network device stores the user thread function and the parameter information of the function in the user thread stack area. Wherein the parameter information comprises variable data related to executing a user thread function and the like. The network device configures a corresponding user thread function for each thread.
The following describes steps S140 and S150 in fig. 1 based on the above description.
The step of obtaining data information specifically includes: and executing the user thread function corresponding to the thread to obtain data information generated in the process of executing the user thread function.
In this embodiment, the network device obtains the user thread function and the parameter information of the function stored in the user thread stack area by accessing the user thread stack area. And the network equipment calls and executes the user thread function and acquires data information generated in the process of executing the user thread function.
In this embodiment, the network device dynamically writes data information generated during the execution of the user thread function into the user thread stack area. Usually, only data of the user thread stack area needs to be dynamically written, the range of the user thread stack area is large, and the user thread stack area cannot be out of range under normal conditions.
Referring to fig. 5, fig. 5 is a third flowchart illustrating a step of a stack protection method according to a first embodiment of the invention. In the process of dynamically writing data information into a user thread stack area in a stack corresponding to a thread, the method further comprises: step S160 and step S170.
Step S160, detecting whether the stack is attacked.
In this embodiment, the manner of detecting whether the stack is attacked may include, but is not limited to: and detecting whether the stack area address of the data information written into the user thread stack area is out of range.
If an out-of-bounds condition occurs, it may be determined that the thread stack is under attack.
If an out-of-bounds condition does not occur, it may be determined that the thread stack is not under attack.
Step S170, when the stack is attacked, an exception signal is triggered, and a signal processing function is called to collect the basic information of the thread and the exception information of the stack that is attacked.
In this embodiment, when a stack is attacked, an exception signal is triggered, the network device invokes a signal processing function, accesses parameter information of the signal processing function stored in a signal stack area, and collects basic information of a thread and exception information of the stack that is attacked by intercepting a signal. The network device can know the situation of the thread according to the collected information and locate and trace the source of the abnormal problem according to the acquired stack related information. The collected information includes trace information of the thread, register information, and the like.
Referring to fig. 6, fig. 6 is a fourth flowchart illustrating a stack protection method according to a first embodiment of the present invention. The method further comprises the following steps: and step S180.
And step S180, withdrawing the stack protection area in the stack corresponding to the thread.
In this embodiment, after the operation of the network device executing the user thread function is completed, the network device withdraws the stack protection area in the stack corresponding to the thread.
In this embodiment, since only data in the user thread stack area needs to be dynamically written, when the thread stack is attacked, the attack program can continuously write illegal data information in the user thread stack area, which causes the stack area address of the user thread stack area to cross the boundary. If the basic stack area storing the thread basic information is adjacent to the user thread stack area, the illegal data information written by crossing the border destroys the basic information stored in the basic stack area, and the process in which the thread is located hangs up and exits. Therefore, in the preferred embodiment of the present invention, when the stack is divided in advance, stack protection areas are set at two ends of the user thread stack area to limit the overflow range of the stack and the damage influence range of the stack after being attacked, so as to prevent the illegal data information written beyond the boundary from damaging the basic information stored in the basic stack area. And after detecting that the stack is attacked, triggering an abnormal signal, accessing parameter information of the signal processing function stored in the signal stack area by calling the signal processing function, and collecting basic information of the thread and the abnormal information of the attacked stack so as to know the condition of the thread and locate and trace the source of the abnormal problem. The invention solves the problem that the thread information can not be collected under the condition of stack abnormity, and has better market application prospect.
Second embodiment
Referring to fig. 7, fig. 7 is a functional block diagram of a stack protection device 200 according to a second embodiment of the present invention. The device is applied to network equipment. The stack protection apparatus 200 includes: a data processing module 230.
The data processing module 230 is configured to execute a user thread function corresponding to a thread, and obtain data information generated in the process of executing the user thread function.
The data processing module 230 is further configured to dynamically write the data information into a user thread stack area in a stack corresponding to a thread, where the stack includes a stack protection area and the user thread stack area.
In this embodiment, the data processing module 230 is configured to execute step S140 and step S150 in fig. 1, and the detailed description about the data processing module 230 may refer to the description about step S140 and step S150 in fig. 1.
Referring to fig. 7 again, the stack protection apparatus 200 further includes: a thread creation module 210 and a stack processing module 220.
A thread creating module 210 for creating a thread.
In this embodiment, the thread creating module 210 is configured to execute step S110 in fig. 2, and the detailed description about the thread creating module 210 may refer to the description about step S110 in fig. 2.
A stack processing module 220, configured to divide a stack corresponding to a thread into the stack protection area and the user thread stack area.
The stack processing module 220 is further configured to store information related to the thread in a corresponding stack area.
In this embodiment, the stack processing module 220 is configured to execute the steps S120 and S130 in fig. 2, and the detailed description about the stack processing module 220 may refer to the descriptions of the steps S120 and S130 in fig. 2.
Referring to fig. 7 again, the stack protection apparatus 200 further includes: a detection module 240 and an exception handling module 250.
A detecting module 240, configured to detect whether the stack is attacked.
In this embodiment, the detection module 240 is configured to perform step S160 in fig. 5, and the detailed description about the detection module 240 may refer to the description of step S160 in fig. 5.
And the exception handling module 250 is used for triggering an exception signal when the stack is attacked, and calling a signal processing function to collect the basic information of the thread and the exception information of the stack which is attacked.
In this embodiment, the exception handling module 250 is configured to execute step S170 in fig. 5, and the detailed description about the exception handling module 250 may refer to the description about step S170 in fig. 5.
Referring to fig. 7 again, the apparatus further includes:
a revoking module 260, configured to revoke the stack protection area in the stack corresponding to the thread.
In this embodiment, the revocation module 260 is configured to execute step S180 in fig. 6, and the detailed description about the revocation module 260 may refer to the description of step S180 in fig. 6.
In summary, the preferred embodiment of the present invention provides a stack protection method and apparatus. The method is applied to the network equipment and comprises the following steps: and executing a user thread function corresponding to the thread to obtain data information generated in the process of executing the user thread function. And dynamically writing the data information into a user thread stack area in a stack corresponding to a thread, wherein the stack comprises a stack protection area and the user thread stack area.
Therefore, stack protection areas are arranged at two ends of a user thread stack area to limit the overflow range of the stack and the damage influence range of the stack after being attacked, so that the basic information of the thread is prevented from being damaged, and the process is prevented from being hung up and quit to cause equipment restart.
And when the stack is detected to be attacked, an abnormal signal is triggered, and the basic information of the thread and the abnormal information of the stack which is attacked are collected, so that the condition of the thread is known, and the source of the abnormal problem is located and traced.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (7)
1. A stack protection method is applied to a network device, and the method comprises the following steps:
executing a user thread function corresponding to a thread, and acquiring data information generated in the process of executing the user thread function;
dynamically writing the data information into a user thread stack area in a stack corresponding to a thread, wherein the stack comprises: the system comprises a user thread stack area, two stack protection areas, a signal stack area and a basic stack area, wherein the user thread stack area is positioned between the two stack protection areas, and the signal stack area is positioned between one stack protection area and the basic stack area;
in the process of dynamically writing the data information into the user thread stack area in the stack corresponding to the thread, the method further comprises:
detecting whether the stack is attacked;
if so, triggering an abnormal signal, calling a signal processing function, accessing parameter information of the signal processing function stored in the signal stack area, collecting basic information of the thread and abnormal information of the stack attacked through an interception signal, and positioning and tracing an abnormal problem source according to the acquired related information of the stack.
2. The method according to claim 1, wherein before the step of obtaining the data information generated during the execution of the user thread function by the user thread function corresponding to the execution thread, the method further comprises:
creating a thread;
dividing a stack corresponding to a thread into a user thread stack area, two stack protection areas, a signal stack area and a basic stack area;
information associated with the thread is stored in the corresponding stack area.
3. The method of claim 2, wherein the step of storing information associated with the thread in the corresponding stack area comprises:
storing the basic parameter information of the thread into a basic stack area;
storing parameter information of the signal processing function in a signal stack area;
setting an out-of-range identifier for each stack protection area, wherein the mode of setting the out-of-range identifier comprises the following steps: setting a stack area address access type and/or setting an out-of-range identifier;
and storing the user thread function and the parameter information of the function into the user thread stack area.
4. A method according to claim 1 or 2, wherein the step of detecting whether the stack is under attack comprises:
detecting whether a stack area address of the data information written into the user thread stack area is out of range;
when the boundary is crossed, the thread stack is judged to be attacked.
5. A stack protection apparatus, wherein the apparatus is applied to a network device, the apparatus comprising:
the data processing module is used for executing a user thread function corresponding to a thread and acquiring data information generated in the process of executing the user thread function;
the data processing module is further configured to dynamically write the data information into a user thread stack area in a stack corresponding to a thread, where the stack includes: the system comprises a user thread stack area, two stack protection areas, a signal stack area and a basic stack area, wherein the user thread stack area is positioned between the two stack protection areas, and the signal stack area is positioned between one stack protection area and the basic stack area;
the device further comprises:
the detection module is used for detecting whether the stack is attacked or not;
and the exception handling module is used for triggering an exception signal, calling a signal processing function, accessing parameter information of the signal processing function stored in the signal stack area, collecting basic information of a thread and the attacked exception information of the stack through an interception signal, and positioning and tracing the source of the exception problem according to the acquired relevant information of the stack.
6. The apparatus of claim 5, further comprising:
the thread creating module is used for creating a thread;
the stack processing module is used for dividing the stack corresponding to the thread into a user thread stack area, two stack protection areas, a signal stack area and a basic stack area;
and the stack processing module is also used for storing the information related to the thread into the corresponding stack area.
7. The apparatus of claim 6, wherein the stack processing module stores information associated with a thread in a corresponding stack area by:
storing the basic parameter information of the thread into a basic stack area;
storing parameter information of the signal processing function in a signal stack area;
setting an out-of-range identifier for each stack protection area, wherein the mode of setting the out-of-range identifier comprises the following steps: setting a stack area address access type and/or setting an out-of-range identifier;
and storing the user thread function and the parameter information of the function into the user thread stack area.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710868460.XA CN107632936B (en) | 2017-09-22 | 2017-09-22 | Stack protection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710868460.XA CN107632936B (en) | 2017-09-22 | 2017-09-22 | Stack protection method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107632936A CN107632936A (en) | 2018-01-26 |
| CN107632936B true CN107632936B (en) | 2020-08-18 |
Family
ID=61103602
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710868460.XA Active CN107632936B (en) | 2017-09-22 | 2017-09-22 | Stack protection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107632936B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110362991A (en) * | 2019-07-19 | 2019-10-22 | 上海睿赛德电子科技有限公司 | A kind of method of the thread stack space protection of real time operating system |
| CN113986563B (en) * | 2021-12-29 | 2022-04-19 | 北京智芯微电子科技有限公司 | Intelligent electric meter and system kernel address validity detection method and detection device thereof |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106648549A (en) * | 2017-01-03 | 2017-05-10 | 北京华胜信泰数据技术有限公司 | Processing method and system for thread stack |
| CN107015904A (en) * | 2016-01-28 | 2017-08-04 | 中兴通讯股份有限公司 | The guard method of storehouse and device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080016305A1 (en) * | 2006-07-12 | 2008-01-17 | International Business Machines Corporation | Implementation of Soft Protections to Safeguard Program Execution |
-
2017
- 2017-09-22 CN CN201710868460.XA patent/CN107632936B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107015904A (en) * | 2016-01-28 | 2017-08-04 | 中兴通讯股份有限公司 | The guard method of storehouse and device |
| CN106648549A (en) * | 2017-01-03 | 2017-05-10 | 北京华胜信泰数据技术有限公司 | Processing method and system for thread stack |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107632936A (en) | 2018-01-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10387649B2 (en) | Detecting malware when executing in a system | |
| JP6643128B2 (en) | Security event detection method, apparatus, and tangible computer readable storage medium through virtual machine introspection | |
| Jones et al. | VMM-based hidden process detection and identification using Lycosid | |
| US9282112B2 (en) | System and method for determining category of trust of applications performing interface overlay | |
| US9779240B2 (en) | System and method for hypervisor-based security | |
| KR101174751B1 (en) | Malware auto-analysis system and method using kernel call-back mechanism | |
| CN106991324B (en) | Malicious code tracking and identifying method based on memory protection type monitoring | |
| US9513911B2 (en) | Method of detecting stack overflows and processor for implementing such a method | |
| CN107632936B (en) | Stack protection method and device | |
| CN108920253B (en) | Agent-free virtual machine monitoring system and monitoring method | |
| US10089474B2 (en) | Virtual machine introspection | |
| CN114996064A (en) | Memory detection method, device, equipment and storage medium | |
| CN111428240B (en) | Method and device for detecting illegal access of memory of software | |
| CN104268193A (en) | Advertisement webpage intercepting method and device | |
| US11449618B2 (en) | Active testing of access control policy | |
| CN113467981A (en) | Exception handling method and device | |
| US20180260563A1 (en) | Computer system for executing analysis program, and method of monitoring execution of analysis program | |
| CN113518055B (en) | Data security protection processing method and device, storage medium and terminal | |
| CN111143851A (en) | Detection method and system suitable for leakage of kernel object address of operating system | |
| KR100746944B1 (en) | Method for preventing leakage of information and recording medium storeing program therefor | |
| CN114338145B (en) | Safety protection method and device and electronic equipment | |
| CN114912113A (en) | Method for judging harmful program based on process token | |
| CN110476153A (en) | The method and electronic equipment of access instruction SRAM | |
| KR20140024664A (en) | Program data change protecting apparatus and program data change protecting method | |
| KR101012669B1 (en) | Malicious program detector for scanning a illegal memory access and method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |