CN111797067A - Method and device for acquiring file path for file read-write operation - Google Patents
Method and device for acquiring file path for file read-write operation Download PDFInfo
- Publication number
- CN111797067A CN111797067A CN202010943794.0A CN202010943794A CN111797067A CN 111797067 A CN111797067 A CN 111797067A CN 202010943794 A CN202010943794 A CN 202010943794A CN 111797067 A CN111797067 A CN 111797067A
- Authority
- CN
- China
- Prior art keywords
- file
- log
- write
- read
- file read
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/1805—Append-only file systems, e.g. using logs or journals to store data
- G06F16/1815—Journaling file systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/11—File system administration, e.g. details of archiving or snapshots
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/16—File or folder operations, e.g. details of user interfaces specifically adapted to file systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/16—File or folder operations, e.g. details of user interfaces specifically adapted to file systems
- G06F16/162—Delete operations
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/543—User-generated data transfer, e.g. clipboards, dynamic data exchange [DDE], object linking and embedding [OLE]
Abstract
The invention provides a method and a device for acquiring a file path aiming at file read-write operation. The method for acquiring the file path aiming at the file read-write operation comprises the following steps: generating a file read-write log based on a file read-write request of a target file; converting the file read-write log into a copy log; and acquiring the path of the target file according to the copy log. According to the method for acquiring the file path aiming at the file read-write operation, the file read-write operation of the application program of the software is converted into the copy operation, so that the tracking of the file copy behavior is realized, the circulation of private file data can be verified, and the safety and the compliance of the file circulation are ensured.
Description
Technical Field
The invention relates to the technical field of software processing, in particular to a method and a device for acquiring a file path aiming at file read-write operation.
Background
In the process of reading and writing the file, the circulation path of the file cannot be acquired, so that the track of the file cannot be accurately positioned, private data can be lost and cannot be verified, and a lot of potential safety hazards are brought to user data.
Disclosure of Invention
The invention provides a method and a device for acquiring a file path for file read-write operation, aiming at solving the technical problem of how to acquire the file circulation path for the read-write operation of a file.
The method for acquiring the file path aiming at the file read-write operation comprises the following steps:
generating a file read-write log based on a file read-write request of a target file;
converting the file read-write log into a copy log;
and acquiring the path of the target file according to the copy log.
According to the method for acquiring the file path aiming at the file read-write operation, the file read-write operation of the application program of the software is converted into the copy operation, so that the tracking of the file copy behavior is realized, the circulation of private file data can be verified, and the safety and the compliance of the file circulation are ensured.
According to some embodiments of the invention, the file read-write log comprises:
a file read log generated based on a read request for a target file; and
a file write log generated based on a write request to a target file.
In some embodiments of the present invention, the converting the file read-write log into a copy log includes:
receiving the file read-write log;
judging whether the file read-write log is a file read log, if so, storing the file read log;
receiving the file read-write log again;
judging whether the file read-write log is a file write log, if so, judging whether the file write log corresponds to the stored file read log;
and if so, converting the file read log into a copy log.
According to some embodiments of the invention, the file write log is cleared after the file read log is converted to a copy log.
In some embodiments of the present invention, determining whether the file write log corresponds to the stored file read log includes:
and comparing whether at least one of the process ID, the thread ID, the file name, the operation size, the file size and the file content in the file write log and the stored file read log corresponds to each other.
The device for acquiring the file path aiming at the file read-write operation according to the embodiment of the invention comprises the following components:
the read-write log generation module is used for generating a file read-write log based on a file read-write request of a target file;
the copy log generation module is used for converting the file read-write log into a copy log;
and the path searching module is used for acquiring the path of the target file according to the copy log.
According to the device for acquiring the file path aiming at the file read-write operation, when the target file is subjected to the read-write operation, the read-write log generation module generates the corresponding file read-write log, the copy log generation module converts the file read-write log into the copy log, and the copy log can record the circulation path of the target file, so that the circulation path of the target file can be conveniently and accurately acquired through the path search module.
According to some embodiments of the invention, the file read-write log comprises:
the read-write log generation module generates a file read log based on a read request of a target file; and
the read-write log generation module generates a file write log based on a write request for a target file.
In some embodiments of the invention, the copy log generation module includes:
the receiving module is used for receiving the file read-write log;
the first judging module is used for judging the type of the file read-write log;
the second judgment module is used for judging whether the file write log corresponds to the file read log;
and the conversion module is used for converting the file read log into a copy log.
According to some embodiments of the invention, the obtaining means further comprises:
and the log clearing module is used for clearing the file write log after the conversion module converts the file read log into the copy log.
In some embodiments of the present invention, the determining module is specifically configured to:
and comparing whether at least one of the process ID, the thread ID, the file name, the operation size, the file size and the file content in the file write log and the stored file read log corresponds to each other.
Drawings
Fig. 1 is a flowchart of a method for acquiring a file path for a file read/write operation according to an embodiment of the present invention;
FIG. 2 is a flowchart of a method for obtaining a file path for a file read/write operation according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an apparatus for acquiring a file path for a file read/write operation according to an embodiment of the present invention.
Reference numerals:
the acquisition means (100) are arranged to acquire,
a read-write log generation module 10 for generating a read-write log,
a copy log generation module 20, a path search module 30 and a log clearing module 40.
Detailed Description
To further explain the technical means and effects of the present invention adopted to achieve the intended purpose, the present invention will be described in detail with reference to the accompanying drawings and preferred embodiments.
As shown in fig. 1, the method for acquiring a file path for a file read/write operation according to an embodiment of the present invention includes:
s100, generating a file read-write log based on a file read-write request of a target file;
that is, when a read-write request operation for a target file is received, a corresponding file read-write log may be generated. The generation method of the file read-write log is a mature technical means in the field, and the specific generation process is not described herein again.
S200, converting the file read-write log into a copy log;
and S300, acquiring a path of the target file according to the copy log.
It should be noted that, when a target file is read and written, a circulation path of the file cannot be acquired, so that the track of the file cannot be accurately located. By converting the file read-write log into a copy log, the copy log records the circulation path of the target file.
According to the method for acquiring the file path aiming at the file read-write operation, the file read-write operation of the application program of the software is converted into the copy operation, so that the tracking of the file copy behavior is realized, the circulation of private file data can be verified, and the safety and the compliance of the file circulation are ensured.
According to some embodiments of the invention, the file read-write log comprises: a file read log generated based on a read request to the target file and a file write log generated based on a write request to the target file. That is, when a read request operation is performed on a target file, a corresponding file read log may be generated. When a write request operation is performed on a target file, a corresponding file write log may be generated.
In some embodiments of the present invention, as shown in fig. 2, converting the file read-write log into the copy log includes:
a100, receiving a file read-write log;
a200, judging whether the file read-write log is a file read log, if so, storing the file read log; if not, no processing is performed.
A300, receiving the file read-write log again;
a400, judging whether the file read-write log is a file write log; if so, judging whether the file write log corresponds to the stored file read log;
and A500, if so, converting the file read log into a copy log.
According to some embodiments of the invention, after converting the file read log to a copy log, the file write log is cleared. Therefore, the memory space can be released and cleaned.
In some embodiments of the present invention, determining whether the file write log corresponds to the stored file read log comprises:
and comparing whether at least one of the process ID, the thread ID, the file name, the operation size, the file size and the file content in the file write log and the stored file read log corresponds to each other.
That is, in determining whether the file write log corresponds to the stored file read log, the determination may be compared from at least one of the process ID, the thread ID, the file name, the operation size, the file size, and the file content.
As shown in fig. 3, an apparatus 100 for acquiring a file path for a file read/write operation according to an embodiment of the present invention includes: a read-write log generation module 10, a copy log generation module 20 and a path search module 30.
The read-write log generating module 10 is configured to generate a file read-write log based on a file read-write request for a target file;
the copy log generation module 20 is configured to convert the file read-write log into a copy log;
the path finding module 30 is configured to obtain a path of the target file according to the copy log.
According to the apparatus 100 for acquiring a file path for file read-write operation of the embodiment of the present invention, when a target file is read-write operated, the read-write log generating module 10 generates a corresponding file read-write log, the copy log generating module 20 converts the file read-write log into a copy log, and the copy log records a flow path of the target file, so that the flow path of the target file can be conveniently and accurately acquired through the path searching module 30.
In some embodiments of the present invention, the copy log generation module 20 includes: the device comprises a receiving module, a first judging module, a second judging module and a converting module.
The receiving module is used for receiving the file read-write log. The first judging module is used for judging the type of the file read-write log, and the second judging module is used for judging whether the file write log corresponds to the file read log. The conversion module is used for converting the file read log into a copy log.
The specific process of the copy log generation module 20 converting the file read-write log into the copy log is as follows:
s1, the receiving module receives the file read-write log;
s2, the first judging module judges whether the file read-write log is the file read log, if yes, the file read log is stored; if not, no processing is performed.
S3, the receiving module receives the file read-write log again;
s4, the first judging module judges whether the file read-write log is the file write log; if so, the second judging module judges whether the file write log corresponds to the stored file read log;
and S5, if so, the conversion module converts the file read log into a copy log.
According to some embodiments of the invention, the obtaining means 100 further comprises: and the log clearing module 40 is used for clearing the file write log after the conversion module converts the file read log into the copy log.
It should be noted that, after the copy log generation module 20 converts the file read log into the copy log, the log clearing module 40 clears the file write log. Therefore, the memory space can be released and cleaned.
In some embodiments of the present invention, the determining module is specifically configured to: and comparing whether at least one of the process ID, the thread ID, the file name, the operation size, the file size and the file content in the file write log and the stored file read log corresponds to each other.
That is, the determination module may compare the determination from at least one of the process ID, the thread ID, the file name, the operation size, the file size, and the file content when determining whether the file write log corresponds to the stored file read log.
The following describes a method and an apparatus for acquiring a file path for a file read/write operation according to the present invention in a specific embodiment with reference to the accompanying drawings. It is to be understood that the following description is only exemplary in nature and should not be taken as a specific limitation on the invention.
As shown in fig. 3, the apparatus 100 for acquiring a file path for a file read/write operation includes: the system comprises a read-write log generation module 10, a copy log generation module 20, a path search module 30 and a log clearing module 40.
The read-write log generating module 10 is configured to generate a file read-write log based on a file read-write request for a target file; the copy log generation module 20 is configured to convert the file read-write log into a copy log; the path finding module 30 is configured to obtain a path of the target file according to the copy log. The log clearing module 40 is configured to clear the corresponding file write log after converting the file read log into the file write log.
Referring to fig. 2, the method for obtaining a path of a target file includes:
s10, filtering the file read-write request sent by the driver acquisition process, generating a log by the program file read-write request, sending the log to a copy log generation system, and entering S20;
s20, the copy log generation system judges whether it is file read log, if yes, it stores the log. If not, not processing;
s30, the copy log generation system judges whether the log is a file write log, if so, the log is compared with the log stored in S20, the comparison process ID, the thread ID, the file name, the operation size, the file size and the file content are consistent, and the operation enters S40; if not, not processing;
and S40, modifying the program file read log into a copy log, and clearing the file write log.
The method and the device for acquiring the file path aiming at the file read-write operation have the following beneficial effects that:
the problem that the copy files in the process cannot be tracked is solved, the reading and writing operation of the application program files of the software is converted into the copy operation, the tracking of the copying behavior of the files is realized, the circulation of private file data can be verified, and the compliance of file circulation is ensured.
While the invention has been described in connection with specific embodiments thereof, it is to be understood that it is intended by the appended drawings and description that the invention may be embodied in other specific forms without departing from the spirit or scope of the invention.
Claims (6)
1. A method for acquiring a file path for file read-write operation is characterized by comprising the following steps:
generating a file read-write log based on a file read-write request of a target file;
converting the file read-write log into a copy log;
acquiring a path of the target file according to the copy log; the file read-write log comprises:
a file read log generated based on a read request for a target file; and
a file write log generated based on a write request to a target file; the converting the file read-write log into a copy log includes:
receiving the file read-write log;
judging whether the file read-write log is a file read log, if so, storing the file read log;
receiving the file read-write log again;
judging whether the file read-write log is a file write log, if so, judging whether the file write log corresponds to the stored file read log;
and if so, converting the file read log into a copy log.
2. The method according to claim 1, wherein the file write log is cleared after the file read log is converted into the copy log.
3. The method according to claim 1, wherein determining whether the file write log corresponds to the stored file read log comprises:
and comparing whether at least one of the process ID, the thread ID, the file name, the operation size, the file size and the file content in the file write log and the stored file read log corresponds to each other.
4. An apparatus for obtaining a file path for a file read-write operation, comprising:
the read-write log generation module is used for generating a file read-write log based on a file read-write request of a target file;
the copy log generation module is used for converting the file read-write log into a copy log;
the path searching module is used for acquiring the path of the target file according to the copy log;
the file read-write log comprises:
the read-write log generation module generates a file read log based on a read request of a target file; and
the read-write log generation module generates a file write log based on a write request for a target file;
the copy log generation module includes:
the receiving module is used for receiving the file read-write log;
the first judging module is used for judging the type of the file read-write log;
the second judgment module is used for judging whether the file write log corresponds to the file read log;
and the conversion module is used for converting the file read log into a copy log.
5. The apparatus for acquiring file path for file read/write operation according to claim 4, further comprising:
and the log clearing module is used for clearing the file write log after the conversion module converts the file read log into the copy log.
6. The apparatus according to claim 4, wherein the determining module is specifically configured to:
and comparing whether at least one of the process ID, the thread ID, the file name, the operation size, the file size and the file content in the file write log and the stored file read log corresponds to each other.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010943794.0A CN111797067B (en) | 2020-09-10 | 2020-09-10 | Method and device for acquiring file path for file read-write operation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010943794.0A CN111797067B (en) | 2020-09-10 | 2020-09-10 | Method and device for acquiring file path for file read-write operation |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111797067A true CN111797067A (en) | 2020-10-20 |
| CN111797067B CN111797067B (en) | 2020-12-08 |
Family
ID=72834215
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010943794.0A Active CN111797067B (en) | 2020-09-10 | 2020-09-10 | Method and device for acquiring file path for file read-write operation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111797067B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112445773A (en) * | 2021-02-01 | 2021-03-05 | 北京志翔科技股份有限公司 | Method and device for generating decompression log of compressed file and readable storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120131072A1 (en) * | 2010-11-18 | 2012-05-24 | Fuentes Ii Hector | System and Method for removing Master File Table ($MFT) File Record Segments (FRS) |
| CN103942269A (en) * | 2014-03-26 | 2014-07-23 | 北京京东尚科信息技术有限公司 | Method and device for operating file system |
| CN104731921A (en) * | 2015-03-26 | 2015-06-24 | 江苏物联网研究发展中心 | Method for storing and processing small log type files in Hadoop distributed file system |
| US20150339196A1 (en) * | 2009-03-20 | 2015-11-26 | Ricoh Company, Ltd. | Obtaining Complete Forensic Images Of Electronic Storage Media |
| CN105607986A (en) * | 2015-01-06 | 2016-05-25 | 北京志翔科技股份有限公司 | Acquisition method and device of user behavior log data |
| CN110516444A (en) * | 2019-07-23 | 2019-11-29 | 成都理工大学 | Cross-terminal cross-version Root attack detecting and guard system based on kernel |
-
2020
- 2020-09-10 CN CN202010943794.0A patent/CN111797067B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150339196A1 (en) * | 2009-03-20 | 2015-11-26 | Ricoh Company, Ltd. | Obtaining Complete Forensic Images Of Electronic Storage Media |
| US20120131072A1 (en) * | 2010-11-18 | 2012-05-24 | Fuentes Ii Hector | System and Method for removing Master File Table ($MFT) File Record Segments (FRS) |
| CN103942269A (en) * | 2014-03-26 | 2014-07-23 | 北京京东尚科信息技术有限公司 | Method and device for operating file system |
| CN105607986A (en) * | 2015-01-06 | 2016-05-25 | 北京志翔科技股份有限公司 | Acquisition method and device of user behavior log data |
| CN104731921A (en) * | 2015-03-26 | 2015-06-24 | 江苏物联网研究发展中心 | Method for storing and processing small log type files in Hadoop distributed file system |
| CN110516444A (en) * | 2019-07-23 | 2019-11-29 | 成都理工大学 | Cross-terminal cross-version Root attack detecting and guard system based on kernel |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112445773A (en) * | 2021-02-01 | 2021-03-05 | 北京志翔科技股份有限公司 | Method and device for generating decompression log of compressed file and readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111797067B (en) | 2020-12-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110442560B (en) | Log replay method, device, server and storage medium | |
| US8621282B1 (en) | Crash data handling | |
| CN107122290B (en) | Method and device for recording log information | |
| US11176110B2 (en) | Data updating method and device for a distributed database system | |
| CN111797067B (en) | Method and device for acquiring file path for file read-write operation | |
| US6457014B1 (en) | System and method for extracting index key data fields | |
| CN115016973A (en) | Method, device, equipment and medium for reproducing program crash event | |
| KR101990329B1 (en) | Method and apparatus for improving database recovery speed using log data analysis | |
| CN110134538B (en) | Method, device, medium and electronic equipment for quickly positioning problem log | |
| CN110727597B (en) | Method for checking invalid code completion case based on log | |
| CN109343985B (en) | Data processing method, device and storage medium | |
| CN106909514B (en) | Method and device for positioning snapshot disk address | |
| CN117112522A (en) | Concurrent process log management method, device, equipment and storage medium | |
| CN111552618A (en) | Method and device for collecting logs | |
| CN108549704B (en) | Distributed streaming preprocessing method, device, equipment and readable medium for data packet | |
| CN115455059A (en) | Method, device and related medium for analyzing user behavior based on underlying data | |
| CN111737223B (en) | File copying method, device, equipment and storage medium | |
| CN102236748A (en) | Computer software protection method | |
| CN113760696A (en) | Program problem positioning method and device, electronic equipment and storage medium | |
| CN112632211A (en) | Semantic information processing method and equipment for mobile robot | |
| CN113296660A (en) | Image processing method and device and electronic equipment | |
| CN111737158A (en) | Abnormal assertion processing method and device, electronic equipment and storage medium | |
| JP3419392B2 (en) | Memory access monitoring device, memory access monitoring method, and recording medium recording memory access monitoring program | |
| CN113886338B (en) | Method, device and storage medium for reverse tracing of outer link | |
| JP6968962B1 (en) | Correct answer data generator, method, and program for handwriting recognition |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |