CN113672997A - File protection method, computing device and storage medium - Google Patents

File protection method, computing device and storage medium Download PDF

Info

Publication number
CN113672997A
CN113672997A CN202111225053.XA CN202111225053A CN113672997A CN 113672997 A CN113672997 A CN 113672997A CN 202111225053 A CN202111225053 A CN 202111225053A CN 113672997 A CN113672997 A CN 113672997A
Authority
CN
China
Prior art keywords
file
files
piling
pile
nodes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111225053.XA
Other languages
Chinese (zh)
Other versions
CN113672997B (en
Inventor
张伟
孙建民
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Uniontech Software Technology Co Ltd
Original Assignee
Uniontech Software Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Uniontech Software Technology Co Ltd filed Critical Uniontech Software Technology Co Ltd
Priority to CN202111225053.XA priority Critical patent/CN113672997B/en
Priority to CN202210061780.5A priority patent/CN114386108A/en
Publication of CN113672997A publication Critical patent/CN113672997A/en
Application granted granted Critical
Publication of CN113672997B publication Critical patent/CN113672997B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/16File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Human Computer Interaction (AREA)
  • Data Mining & Analysis (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a file protection method, a computing device and a storage medium, and the method comprises the following steps: determining the number of file nodes in the file partition; setting the rare degree of the piling files, and calculating the number of the piling files according to the rare degree of the piling files and the number of file nodes; creating a plurality of pile driving files according to the number of the pile driving files, and storing the pile driving files in file nodes in the file partitions; when an operation instruction for the file node is received and executed, judging whether a piling file in the file node is changed or not; and if the pile-driven file is judged to be changed, stopping executing the operation instruction so as to protect other files or folders in the file node. The invention can avoid the damage of the file or the folder of the protected file partition caused by improper operation behaviors, prevent the malicious tampering of the file by viruses and prevent the loss of important files caused by manual misoperation.

Description

File protection method, computing device and storage medium
Technical Field
The present invention relates to the field of system security, and in particular, to a file protection method, a computing device, and a storage medium.
Background
With the development of computer technology, the security requirements on computer storage files are higher and higher. When the stored file needs to be protected at present, the operation authority of the file can be set. When the operation instruction for the file does not have the operation right, the operation instruction is refused to be executed, so that the protection effect on the file is achieved. But only the file itself is protected, and the effect of the file cannot be achieved; if a file node that is an upper directory of the file is destroyed or a file partition storing the file is attacked, the file is also destroyed.
In the prior art, a secure file directory may be set, and a file to be protected is loaded into the file directory, or a folder to be protected is mounted under the secure file directory. However, if the secure file directory is attacked, such as deleted or hijacked, effective protection of the file or folder to be protected still cannot be achieved, the file transfer process is also increased, and the security is reduced.
For this reason, a new file protection method is required.
Disclosure of Invention
To this end, the present invention provides a file protection method that seeks to solve, or at least mitigate, the above-identified problems.
According to one aspect of the present invention, there is provided a file protection method adapted to be executed in a computing device, the computing device comprising one or more file partitions, the method comprising the steps of: determining the number of file nodes in the file partition; setting the rare degree of the piling files, and calculating the number of the piling files according to the rare degree of the piling files and the number of file nodes; creating a plurality of pile driving files according to the number of the pile driving files, and storing the pile driving files in file nodes in the file partitions; when an operation instruction for the file node is received and executed, judging whether a piling file in the file node is changed or not; and if the pile-driven file is judged to be changed, stopping executing the operation instruction so as to protect other files or folders in the file node.
Optionally, in the method according to the present invention, calculating the number of piled files according to the rarity of piled files and the number of file nodes comprises the steps of: multiplying the pile driving file rarity and the file node number to obtain the pile driving file number.
Optionally, in the method according to the present invention, creating a plurality of pile-driven files according to the number of pile-driven files, the storing in the file node in the file partition includes the steps of: and if the file node comprises one or more files, creating the pile-driving file according to the file name, the file type and the file size of the file.
Optionally, in the method according to the present invention, creating the file according to the file name, the file type, and the file size of the file comprises the steps of: setting the file type of the file as the file type of the piling file; setting the file name of the piling file according to the file name of the file, so that the piling file is the first file when the files under the file nodes are sorted according to the file names; setting the size of the piling file according to the file size of the file, so that the file size of the piling file is larger than the file size of the file; and constructing the piling file according to the file type, the file name and the file size of the set piling file.
Optionally, in the method according to the present invention, further comprising the step of: and if the file nodes comprise one or more folders, creating the piling folder according to the file names of the folders.
Optionally, in the method according to the present invention, creating the pileup folder according to the file name of the folder comprises the steps of: and setting the file name of the piling file according to the file name of the file folder, so that the piling file folder is the first file folder when the file folders under the file nodes are sorted according to the file names.
Optionally, in the method according to the present invention, further comprising the step of: performing incremental file monitoring on the file partitions; when it is monitored that a file or a folder is newly built in the file partition, a piling file is built under a file node where the newly built file or the newly built folder is located.
Optionally, in the method according to the present invention, further comprising the step of: converting the file content of the pile-driving file into a file array; and carrying out binary conversion on the file array, and obtaining a first characteristic value of the piling file according to the digit of the file array in the binary form.
Optionally, in the method according to the present invention, determining whether a pile-driven file in the file node is changed includes: calculating a second characteristic value of the piling file after the operation instruction is executed; and comparing the second characteristic value with the first characteristic value to determine whether the piling file is changed.
Optionally, in the method according to the present invention, the computing device is further connected in communication with a control server, the control server is connected with one or more computing devices, and the method further includes: receiving and installing a test installation package constructed by a control server; storing a plurality of pile driving files in file nodes of the installed test installation package; executing the test task in the test installation package to obtain test data, and sending the test data to the control server; when a test task is executed, when an operation instruction for a file node of a test installation package is received and executed, whether a piling file in the file node is changed or not is judged; and if the pile-driving file is judged to be changed, stopping executing the operation instruction so as to protect other files or folders in the file nodes of the test installation package.
According to another aspect of the present invention, there is provided a computing device performance testing method adapted to be executed in a control server communicatively connected to a task server and a plurality of computing devices, the method comprising the steps of: receiving a test task created by a task server, and constructing a test installation package according to the test task; sending the test installation package to a plurality of computing devices so that the computing devices can install the received test installation package and execute the test tasks in the test installation package to obtain test data; receiving test data sent by each computing device to obtain a plurality of items of test data; and drawing a test data table according to the plurality of items of test data, and sending the test data table to the task server so that the task server can evaluate the performance of each computing device according to the test data table.
Optionally, in the method according to the present invention, further comprising the step of: establishing a monitoring process, and monitoring a test instruction from a task server according to the monitoring process; when a test instruction from the task server is monitored, the received test instruction is sent to a plurality of computing devices connected with the control server, so that the computing devices execute the test task according to the test instruction.
Optionally, in the method according to the present invention, the control server is further connected to a data server in communication, and the method further includes the steps of: and sending the received multiple items of test data to a data server, and storing the test data in the data server so that the task server can inquire the stored test data.
According to another aspect of the present invention, there is provided a computing device comprising: one or more processors; a memory; and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the one or more programs including instructions for performing a file protection method in accordance with the present invention.
According to yet another aspect of the present invention, there is provided a computer readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a computing device, cause the computing device to perform a file protection method according to the present invention.
The file protection method is suitable for being executed in a computing device, and the computing device comprises one or more file partitions. Firstly, setting the rare degree of pile driving files by determining the number of file nodes in a file partition, and calculating the number of pile driving files according to the rare degree of pile driving files and the number of file nodes; creating a plurality of piling files according to the number of the piling files; storing a plurality of pile-driving files in file nodes in the file partition. The number of the pile-driving files can be adjusted according to the file rarity, and when the file rarity is low, the number of the pile-driving files is correspondingly reduced; when the file is high in rarity, the number of the piled files is correspondingly high, and the file partition protection method has a good protection effect on the files partitioned by the files. When the operation instruction of the file node is received and executed, whether the pile-driven file in the file node is changed or not is judged, if the pile-driven file is judged to be changed, the operation instruction is stopped being executed, so that other files or folders in the file node are protected, the situation that the files or folders of a file partition to be protected are damaged by improper operation can be avoided, malicious tampering of the files by viruses is prevented, and important files are lost due to manual misoperation is avoided.
Drawings
To the accomplishment of the foregoing and related ends, certain illustrative aspects are described herein in connection with the following description and the annexed drawings, which are indicative of various ways in which the principles disclosed herein may be practiced, and all aspects and equivalents thereof are intended to be within the scope of the claimed subject matter. The above and other objects, features and advantages of the present disclosure will become more apparent from the following detailed description when read in conjunction with the accompanying drawings. Throughout this disclosure, like reference numerals generally refer to like parts or elements.
FIG. 1 shows a schematic diagram of a computing device testing system 100 according to an example embodiment of the invention;
FIG. 2 illustrates a block diagram of a computing device 200, according to an exemplary embodiment of the invention; and
FIG. 3 shows a flowchart of a file protection method 300 according to an exemplary embodiment of the invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art. Like reference numerals generally refer to like parts or elements.
FIG. 1 shows a schematic diagram of a computing device testing system 100 according to an exemplary embodiment of the present invention, and a file protection method 300 of the present invention can protect files in the following application scenarios. As shown in FIG. 1, the computing device testing system 100 includes a control server 140, a task server 150 communicatively coupled to the control server 140, a data server 160, and a computing device 200. The connection mode between the computing device 200 and the control server 140 in fig. 1 is only exemplary, the number of the computing devices connected to the control server 140 is not limited in the present invention, and the control server 140 may be connected to hundreds or thousands of computing devices, so as to implement simultaneous testing of a large batch of computing devices, and improve the testing efficiency.
The task server 150 creates a test task and transmits the test task to the control server 140 so that the control server 140 generates a test installation package according to the test task. A test command is also generated and sent to the control server 140. The test instruction instructs the computing device 200 that installs the test installation package to execute the test items in the test task for testing, and generate test data.
The control server 140 receives the test task and the test command sent by the task server 150, and generates a test installation package according to the test task. The control server 140 further issues the test installation package to the connected computing devices 200, forwards the test command to the computing devices 200, receives the test data returned by each computing device, obtains multiple items of test data, and further draws a test data table according to the multiple items of test data, so that the task server 150 performs performance evaluation on each computing device according to the test data table.
According to an embodiment of the present invention, the control server 140 may be provided with a plurality of backup servers (not shown), and the control server 140 is communicatively connected to the plurality of backup servers. When the control server 140 fails, the control server 140 timely transfers the communication connection with the plurality of computing devices 200 to the backup server, the backup server serves as the control server, receives the test tasks and the test commands of the task server 150, creates the test installation package, issues the test installation package to the computing devices 200, and forwards the test commands. The backup server also receives the test data of each computing device to obtain a plurality of items of test data, and draws a test data table according to the plurality of items of test data, so that the task server 150 performs performance evaluation on each computing device according to the test data table.
The computing device 200 receives the test installation package, and installs the test installation package according to the received test installation package; the computing device 200 stores a plurality of pile driving files in file nodes of the installed test installation package to protect the installed test installation package; and receiving the test command, executing the test task in the test installation package according to the test command to obtain test data, and transmitting the test data back to the control server 140. The pile driving file refers to a file or a folder used for protecting a file or a folder under a file node where the pile driving file is located.
The specific structures of the control server 140, the task server 150 communicatively connected to the control server 140, the data server 160, and the computing device 200 in fig. 1 may be implemented as computing devices as shown in fig. 2. FIG. 2 illustrates a block diagram of a computing device 200, according to an exemplary embodiment of the invention. As shown in FIG. 2, in a basic configuration 202, a computing device 200 typically includes a system memory 206 and one or more processors 204. A memory bus 208 may be used for communication between the processor 204 and the system memory 206.
Depending on the desired configuration, the processor 204 may be any type of processing, including but not limited to: a microprocessor (μ P), a microcontroller (μ C), a digital information processor (DSP), or any combination thereof. The processor 204 may include one or more levels of cache, such as a level one cache 210 and a level two cache 212, a processor core 214, and registers 216. Example processor cores 214 may include Arithmetic Logic Units (ALUs), Floating Point Units (FPUs), digital signal processing cores (DSP cores), or any combination thereof. The example memory controller 218 may be used with the processor 204, or in some implementations the memory controller 218 may be an internal part of the processor 204.
Depending on the desired configuration, system memory 206 may be any type of memory, including but not limited to: volatile memory (such as RAM), non-volatile memory (such as ROM, flash memory, etc.), or any combination thereof. System memory 206 may include an operating system 220, one or more programs 222, and program data 228. In some embodiments, the program 222 may be arranged to execute the instructions 223 of the method 300 according to the invention on an operating system by one or more processors 204 using the program data 228.
Computing device 200 may also include a storage interface bus 234. The storage interface bus 234 enables communication from the storage devices 232 (e.g., removable storage 236 and non-removable storage 238) to the basic configuration 202 via the bus/interface controller 230. Operating system 220, programs 222, and at least a portion of data 224 can be stored on removable storage 236 and/or non-removable storage 238, and loaded into system memory 206 via storage interface bus 234 and executed by one or more processors 204 when computing device 200 is powered on or programs 222 are to be executed.
Computing device 200 may also include an interface bus 240 that facilitates communication from various interface devices (e.g., output devices 242, peripheral interfaces 244, and communication devices 246) to the basic configuration 202 via the bus/interface controller 230. The example output device 242 includes a graphics processing unit 248 and an audio processing unit 250. They may be configured to facilitate communication with various external devices, such as a display or speakers, via one or more a/V ports 252. Example peripheral interfaces 244 can include a serial interface controller 254 and a parallel interface controller 256, which can be configured to facilitate communications with external devices such as input devices (e.g., keyboard, mouse, pen, voice input device, touch input device) or other peripherals (e.g., printer, scanner, etc.) via one or more I/O ports 258. An example communication device 246 may include a network controller 260, which may be arranged to communicate with one or more other computing devices 262 over a network communication link via one or more communication ports 264.
A network communication link may be one example of a communication medium. Communication media may typically be embodied by computer readable instructions, data structures, program modules, and may include any information delivery media, such as carrier waves or other transport mechanisms, in a modulated data signal. A "modulated data signal" may be a signal that has one or more of its data set or its changes made in such a manner as to encode information in the signal. By way of non-limiting example, communication media may include wired media such as a wired network or private-wired network, and various wireless media such as acoustic, Radio Frequency (RF), microwave, Infrared (IR), or other wireless media. The term computer readable media as used herein may include both storage media and communication media.
In a computing device 200 according to the invention, the program 222 comprises program instructions that perform the method 300 and that may instruct the processor 204 to perform some of the steps of the file protection method 300 that are run in the computing device 200 of the invention so that some of the components in the computing device 200 implement the protection of files of a file partition by performing the file protection method 300 of the invention.
Computing device 200 may be implemented as a server, e.g., file server 240, database 250, a server, an application server, etc., which may be a device such as a Personal Digital Assistant (PDA), a wireless web-browsing device, an application-specific device, or a hybrid device that include any of the above functions. May be implemented as a personal computer including both desktop and notebook computer configurations, and in some embodiments, the computing device 200 is configured to perform the file protection method 300.
FIG. 3 shows a flowchart of a file protection method 300 according to an exemplary embodiment of the invention. The file protection method 300 of the present invention is suitable for execution in a computing device that includes one or more file partitions. The file partition is a logical disk based on a physical disk of the computing equipment, the logical disk is obtained by dividing the physical disk, and the method for dividing the physical disk is not limited. Each file partition stores folders and/or files. A file is a set of related elements defined by a creator and having a file name, and is used for storing data and implementing corresponding functions. A folder may include one or more files and can be nested including folders and can also be implemented as empty folders that do not include any content.
As shown in FIG. 3, the file protection method 300 begins with step S310, where the number of file nodes in a file partition is determined. A file node refers to a non-empty folder that includes one or more files and includes folders, and a file partition also serves as a file node. And when the number of the file nodes is determined, traversing all the folders in the file partition, and judging whether each folder is a file node.
Subsequently, step S320 is performed, the pile-driving file rarity is set, and the number of pile-driving files is calculated from the pile-driving file rarity and the number of file nodes. The pile-driving file rarity refers to the distribution density of the pile-driving files in the file partition, that is, the probability of deploying the pile-driving files in each file node, or represents how many file nodes deploy one pile-driving file on average, for example, the pile-driving file rarity is 0.1, the probability of deploying the pile-driving files under the file nodes is 0.1, and one pile-driving file is deployed in every 10 file nodes on average.
And when the number of the pile-driving files is calculated, multiplying the sparse degree of the pile-driving files by the number of the file nodes to obtain the number of the pile-driving files. The number of the pile driving files is controlled by the rarity of the pile driving files, and the number of the pile driving files is small if the rarity of the pile driving files is low; the pile driving files are high in rarity, the pile driving files are large in number, and the better protection effect on file partition can be achieved. When the file or the folder of the file partition is protected, the degree of rarity of the piled files can be adjusted, so that the protection effect can be adjusted according to the system efficiency. When the pile driving file is increased to a certain degree, the protection effect cannot be increased, but the system resource consumption can be greatly improved, so that the lower system efficiency can be used by adjusting the loose degree of the pile driving file, and the higher protection effect can be achieved.
According to an embodiment of the invention, the number of file nodes (inodes) of the file partition is 10000, and the rarity of the pile-driving file is set to be 0.01, that is, one pile-driving file is deployed in every 100 file nodes on average. Multiplying the pile-driving file rarity and the number of file nodes to obtain 100 pile-driving files, and randomly distributing and creating the 100 pile-driving files into 10000 file nodes.
Subsequently, step S330 is performed to create a plurality of pile-driven files according to the number of pile-driven files, which are stored in the file nodes in the file partition. The pile driving file refers to a file or a folder for protecting a file or a folder under a file node where the pile driving file is located. The purpose of creating the pile-driven file is that when a file node is manipulated, such as deleted, modified, and maliciously encrypted, the pile-driven file in the file node can be manipulated first. Once the system detects that the pile-driven file is modified, operations on the file node are blocked to protect other files or folders under the file node.
And when the piling file is created, the piling file is created according to the file condition stored in the file node. And if the file node comprises one or more files, creating the pile-driving file according to the file name, the file type and the file size of the file. Specifically, the file type of the file is set as the file type of the pile-driving file, so as to ensure that the pile-driving file and the file to be protected have the same file type. When the file type of the pile-driving file is set, when a plurality of files are arranged under the folder, the files are of the same file type, or the number of the files of one file type is the largest, the setting is carried out according to the file type of the file of the type.
And then setting the file name of the piling file according to the file name of the file, so that the piling file is the first file when the files under the file nodes are sorted according to the file names.
When operating on files in a file node, all files are generally sorted according to file names. For example, a file with a numeric heading is arranged at the front, a file with a letter heading is arranged at the back, and then other files with a character heading such as Chinese characters are arranged at the back. And sorting the files with the heads of the letters according to the sequence of the English letters.
According to an embodiment of the present invention, the file node includes a file with a file name b and a file with a file name c, and the file name of the pile-driving file is constructed as a. The specific form of the file name of the piling file is not limited, and the file name of the piling file can be selected from the character combinations meeting the requirements at random.
And then setting the size of the pile-driving file according to the file size of the file, so that the file size of the pile-driving file is larger than that of the file to be protected. When a plurality of files to be protected are located under the folder, the size of the piled file is larger than the file size of the largest file among the plurality of files to be protected. When the files in the file nodes are operated, the files can be sequenced according to the file sizes of the files, and the sequenced files are sequentially processed from large to small. To ensure that the pile-driven file is the first processed file regardless of how it is sorted. When determining the size of the pile-driven file, the file size of the pile-driven file may be set to be slightly larger than the file size of the file to be protected, to save storage space of the file partition.
According to an embodiment of the present invention, when the storage space of the file partition is insufficient, or the storage space of the file partition is saved to a greater extent, the file size of the pile-driving file may be set to be much smaller than the file size of the protected file, such as setting the file size of the pile-driving file to be several bytes, 1KB or 2 KB. By setting the size of the piling file in the mode, the files in the file nodes can be protected when the files are sorted according to the size and are sequentially processed from small to large, and the storage space of the file partitions can be saved to the greatest extent.
And constructing the piling file according to the file type, the file name and the file size of the set piling file. When constructing the piling file, according to the set piling file attribute: the file type, file name and file size are constructed. According to one embodiment of the invention, the file content of the pile-driven file is a random algorithmically generated string. When the pile driving file to be constructed is large, a plurality of lines of '0' characters can be fixedly inserted between character strings according to a certain rule to be used as filling.
According to one embodiment of the invention, the piled files may also be arranged in the form of piled folders in which a plurality of piled files are arranged. By setting the piling folder, the time for processing the piling files can be prolonged, a time window for judging whether the piling files are modified and preventing related operations is established, the system has more time to timely prevent the operations, and other files under the file nodes are prevented from being damaged. When creating the piling folder, the file name of the piling folder is set according to the file name of the file to be protected, so that the piling folder is constructed.
According to one embodiment of the invention, if one or more folders are included in a file node, a pinned folder is created according to the filename of the folder. Specifically, the file name of the piling file is set according to the file name of the file folder, so that the piling file folder is the first file folder when the file folders under the file nodes are sorted according to the file names. The file name of the pile-driving folder is set in the same manner as the file name of the pile-driving file.
According to one embodiment of the invention, when setting the pile-driving file, the pile-driving file is created through the looseness of the pile-driving file, and the incremental file detection is carried out on the file partition, so that the newly added file or the file folder is protected. When it is monitored that a file or a folder is newly built in the file partition, a piling file is built under a file node where the newly built file or the newly built folder is located.
Subsequently, step S340 is executed, and when the operation instruction for the file node is accepted and executed, it is determined whether or not a pile-driven file in the file node is changed. In order to judge whether the piling file is changed, a first characteristic value of the piling file needs to be calculated in advance. Specifically, the file content of the piling file is converted into a file array, then binary conversion is performed on the file array, and the first characteristic value of the piling file is obtained according to the digits of the file array in the binary form.
According to one embodiment of the invention, the file content of the pile-driven file is a random algorithmically generated string. Larger pile files include multiple strings, each of which is segmented by multiple rows of "0" characters. And extracting the character strings of the file contents of the piled files to obtain a file array comprising the character strings. If the pile-driving file comprises a plurality of character strings, extracting a file array comprising the character strings from the lines comprising the character strings. Binary conversion is carried out on the file data, and digit statistics is carried out on the file data in the binary form to obtain a first characteristic value.
When the piling file is operated by a non-reading type, the file content of the piling file must be changed. And when judging whether the piling file in the file node is changed or not, recalculating the second characteristic value of the piling file after the operation instruction is executed according to the steps, and comparing the second characteristic value with the first characteristic value to determine whether the piling file is changed or not.
Finally, step S350 is executed, and if it is determined that the piled file is changed, the operation instruction is stopped to protect other files or folders in the file node. And if the second characteristic value of the pile-driving file is different from the first characteristic value, judging that the pile-driving file is changed, and stopping instructing the operation instruction so as to protect other files in the file node from being damaged.
According to one embodiment of the method, the computing device is further in communication connection with a control server, the control server is connected with one or more computing devices, and the control server is further in communication connection with a task server. The task server 150 creates a test task and sends the test task to the control server 140. The test task includes a plurality of test items, and the task server 150 constructs a configuration file for each test item, and combines the configuration files of the plurality of test items to be tested as the test task.
The control server 140 constructs a test installation package according to the test task. The computing device receives and installs the test installation package constructed by the control server 140, and stores a plurality of pile driving files in file nodes of the installed test installation package to protect the installed test installation package. The number of the pile driving files which are specifically constructed can be obtained by setting the rarity of the pile driving files and counting the number of file nodes of the test installation package. Then, executing a test task in the test installation package to obtain test data, and sending the test data to the control server; when a test task is executed, when an operation instruction for a file node of a test installation package is received and executed, judging whether a piling file in the file node is changed or not; and if the pile-driving file is judged to be changed, stopping executing the operation instruction so as to protect other files or folders in the file nodes of the test installation package.
According to one embodiment of the invention, when the computing device determines that the pile-driven file has changed, it also sends a message to the control server 140 and performs a close of the file to organize the file to continue to be destroyed. Control server 140 performs a recovery operation on the files of the computing device with manual intervention after receiving the message.
The file protection method is suitable for being executed in a computing device, and the computing device comprises one or more file partitions. Firstly, setting the rare degree of pile driving files by determining the number of file nodes in a file partition, and calculating the number of pile driving files according to the rare degree of pile driving files and the number of file nodes; creating a plurality of piling files according to the number of the piling files; storing a plurality of pile-driving files in file nodes in the file partition. The number of the pile-driving files can be adjusted according to the file rarity, and when the file rarity is low, the number of the pile-driving files is correspondingly reduced; when the file is high in rarity, the number of the piled files is correspondingly high, and the file partition protection method has a good protection effect on the files partitioned by the files. When the operation instruction of the file node is received and executed, whether the pile-driven file in the file node is changed or not is judged, if the pile-driven file is judged to be changed, the operation instruction is stopped being executed, so that other files or folders in the file node are protected, the situation that the files or folders of a file partition to be protected are damaged by improper operation can be avoided, malicious tampering of the files by viruses is prevented, and important files are lost due to manual misoperation is avoided.
In the description provided herein, numerous specific details are set forth. It is understood, however, that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. However, the disclosed method should not be interpreted as reflecting an intention that: that the invention as claimed requires more features than are expressly recited in each claim.
Those skilled in the art will appreciate that the modules or units or groups of devices in the examples disclosed herein may be arranged in a device as described in this embodiment, or alternatively may be located in one or more devices different from the devices in this example. The modules in the foregoing examples may be combined into one module or may be further divided into multiple sub-modules.
Those skilled in the art will appreciate that the modules in the device in an embodiment may be adaptively changed and disposed in one or more devices different from the embodiment. Modules or units or groups in embodiments may be combined into one module or unit or group and may furthermore be divided into sub-modules or sub-units or sub-groups. All of the features disclosed in this specification (including any accompanying claims, abstract and drawings), and all of the processes or elements of any method or apparatus so disclosed, may be combined in any combination, except combinations where at least some of such features and/or processes or elements are mutually exclusive. Each feature disclosed in this specification (including any accompanying claims, abstract and drawings) may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.
Furthermore, those skilled in the art will appreciate that while some embodiments described herein include some features included in other embodiments, rather than other features, combinations of features of different embodiments are meant to be within the scope of the invention and form different embodiments.
Furthermore, some of the described embodiments are described herein as a method or combination of method elements that can be performed by a processor of a computer system or by other means of performing the described functions. A processor having the necessary instructions for carrying out the method or method elements thus forms a means for carrying out the method or method elements. Further, the elements of the apparatus embodiments described herein are examples of the following apparatus: the apparatus is used to implement the functions performed by the elements for the purpose of carrying out the invention.
The various techniques described herein may be implemented in connection with hardware or software or, alternatively, with a combination of both. Thus, the methods and apparatus of the present invention, or certain aspects or portions thereof, may take the form of program code (i.e., instructions) embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other machine-readable storage medium, wherein, when the program is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for practicing the invention.
In the case of program code execution on programmable computers, the computing device will generally include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. Wherein the memory is configured to store program code; the processor is configured to perform the file protection method of the present invention according to instructions in said program code stored in the memory.
By way of example, and not limitation, computer readable media may comprise computer storage media and communication media. Computer-readable media includes both computer storage media and communication media. Computer storage media store information such as computer readable instructions, data structures, program modules or other data. Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. Combinations of any of the above are also included within the scope of computer readable media.
As used herein, unless otherwise specified the use of the ordinal adjectives "first", "second", "third", etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
While the invention has been described with respect to a limited number of embodiments, those skilled in the art, having benefit of this description, will appreciate that other embodiments can be devised which do not depart from the scope of the invention as described herein. Furthermore, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes, and may not have been selected to delineate or circumscribe the inventive subject matter. Accordingly, many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the appended claims. The present invention has been disclosed in an illustrative rather than a restrictive sense, and the scope of the present invention is defined by the appended claims.

Claims (10)

1. A file protection method adapted to be executed in a computing device comprising one or more file partitions, the method comprising the steps of:
determining the number of file nodes in the file partition;
setting the rare degree of pile driving files, and calculating the number of pile driving files according to the rare degree of pile driving files and the number of file nodes;
creating a plurality of pile driving files according to the number of the pile driving files, and storing the pile driving files in the file nodes in the file partition;
when the operation instruction of the file node is received and executed, judging whether the piling file in the file node is changed or not;
and if the pile-driven file is judged to be changed, stopping executing the operation instruction so as to protect other files or folders in the file node.
2. The method of claim 1, wherein said calculating a number of piled files based on said piled file rarity and a number of file nodes comprises the steps of:
multiplying the pile driving file rarity and the file node number to obtain the pile driving file number.
3. The method of claim 2, wherein said creating a plurality of piled files according to said number of piled files, storing in file nodes in said file partition comprises the steps of:
and if the file node comprises one or more files, creating a piling file according to the file name, the file type and the file size of the file.
4. A method according to claim 3, wherein creating a pile-driving file from the file name, file type and file size of the file comprises the steps of:
setting the file type of the file as the file type of the piling file;
setting the file name of the piling file according to the file name of the file, so that the piling file is the first file when the files under the file nodes are sorted according to the file names;
setting the size of the piling file according to the file size of the file, so that the file size of the piling file is larger than the file size of the file;
and constructing the piling file according to the file type, the file name and the file size of the set piling file.
5. The method of claim 4, further comprising the steps of:
and if the file nodes comprise one or more folders, creating a piling folder according to the file names of the folders.
6. The method of claim 5, wherein said creating a pileup folder from a filename of said folder comprises the steps of:
and setting the file name of the piling file according to the file name of the file folder, so that the piling file folder is the first file folder when the file folders under the file nodes are sorted according to the file names.
7. The method of claim 1, wherein the method further comprises the steps of:
performing incremental file monitoring on the file partitions;
when it is monitored that a file or a folder is newly built in the file partition, a piling file is built under a file node where the newly built file or the newly built folder is located.
8. The method according to any one of claims 1-6, wherein the method further comprises the step of:
converting the file content of the piling file into a file array;
and carrying out binary conversion on the file array, and obtaining a first characteristic value of the piling file according to the digit of the file array in the binary form.
9. A computing device, comprising:
one or more processors;
a memory; and
one or more apparatuses comprising instructions for performing the method of any of claims 1-8.
10. A computer readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a computing device, cause the computing device to perform the method of any of claims 1-8.
CN202111225053.XA 2021-10-21 2021-10-21 File protection method, computing device and storage medium Active CN113672997B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202111225053.XA CN113672997B (en) 2021-10-21 2021-10-21 File protection method, computing device and storage medium
CN202210061780.5A CN114386108A (en) 2021-10-21 2021-10-21 File protection method, computing device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111225053.XA CN113672997B (en) 2021-10-21 2021-10-21 File protection method, computing device and storage medium

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202210061780.5A Division CN114386108A (en) 2021-10-21 2021-10-21 File protection method, computing device and storage medium

Publications (2)

Publication Number Publication Date
CN113672997A true CN113672997A (en) 2021-11-19
CN113672997B CN113672997B (en) 2022-02-22

Family

ID=78550740

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202210061780.5A Pending CN114386108A (en) 2021-10-21 2021-10-21 File protection method, computing device and storage medium
CN202111225053.XA Active CN113672997B (en) 2021-10-21 2021-10-21 File protection method, computing device and storage medium

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN202210061780.5A Pending CN114386108A (en) 2021-10-21 2021-10-21 File protection method, computing device and storage medium

Country Status (1)

Country Link
CN (2) CN114386108A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106980797A (en) * 2017-03-24 2017-07-25 北京奇虎科技有限公司 A kind of method, device and computing device for realizing file protection
WO2017168016A1 (en) * 2016-04-01 2017-10-05 Telefonica Digital España, S.L.U. Method and system for protecting a computer file against possible malware encryption
CN107609411A (en) * 2017-09-15 2018-01-19 郑州云海信息技术有限公司 A kind of system and method for intelligent monitoring classified document
CN109871359A (en) * 2019-03-21 2019-06-11 国网福建省电力有限公司 File watching system and method
CN112989427A (en) * 2021-05-06 2021-06-18 武汉深之度科技有限公司 File protection method, computing device and storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017168016A1 (en) * 2016-04-01 2017-10-05 Telefonica Digital España, S.L.U. Method and system for protecting a computer file against possible malware encryption
CN106980797A (en) * 2017-03-24 2017-07-25 北京奇虎科技有限公司 A kind of method, device and computing device for realizing file protection
CN107609411A (en) * 2017-09-15 2018-01-19 郑州云海信息技术有限公司 A kind of system and method for intelligent monitoring classified document
CN109871359A (en) * 2019-03-21 2019-06-11 国网福建省电力有限公司 File watching system and method
CN112989427A (en) * 2021-05-06 2021-06-18 武汉深之度科技有限公司 File protection method, computing device and storage medium

Also Published As

Publication number Publication date
CN113672997B (en) 2022-02-22
CN114386108A (en) 2022-04-22

Similar Documents

Publication Publication Date Title
US11212307B2 (en) Server-supported malware detection and protection
CN110119620B (en) System and method for training machine learning model for detecting malicious containers
US9787706B1 (en) Modular architecture for analysis database
US8561193B1 (en) Systems and methods for analyzing malware
RU2536664C2 (en) System and method for automatic modification of antivirus database
RU2634178C1 (en) Method of detecting harmful composite files
JP5378452B2 (en) Pattern matching method and system
US8561180B1 (en) Systems and methods for aiding in the elimination of false-positive malware detections within enterprises
CN108446314B (en) Student information storage method, computer readable storage medium and terminal equipment
US9514312B1 (en) Low-memory footprint fingerprinting and indexing for efficiently measuring document similarity and containment
US10802923B2 (en) Method and apparatus for incremental backup based on file paths and a prefix tree
US10489586B2 (en) System and method of detecting anomalous events
EP2998902B1 (en) Method and apparatus for processing file
US8572730B1 (en) Systems and methods for revoking digital signatures
CN113342475A (en) Server cluster construction method, computing device and storage medium
CN104239795B (en) The scan method and device of file
US9154519B1 (en) System and method for antivirus checking of objects from a plurality of virtual machines
CN113672997B (en) File protection method, computing device and storage medium
CN108133026B (en) Multi-data processing method, system and storage medium
WO2019169721A1 (en) Multi-channel packaging method and apparatus for application, computer device, and storage medium
US8706745B1 (en) Systems and methods for determining a file set
CN111464258B (en) Data verification method, device, computing equipment and medium
CN107783904B (en) Unit test pile de-weighting method, device, computer readable storage medium and equipment
US8918873B1 (en) Systems and methods for exonerating untrusted software components
US8364705B1 (en) Methods and systems for determining a file set

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant