CN1900941A - Computer safety protective method based on software identity identifying technology - Google Patents
Computer safety protective method based on software identity identifying technology Download PDFInfo
- Publication number
- CN1900941A CN1900941A CN 200610078622 CN200610078622A CN1900941A CN 1900941 A CN1900941 A CN 1900941A CN 200610078622 CN200610078622 CN 200610078622 CN 200610078622 A CN200610078622 A CN 200610078622A CN 1900941 A CN1900941 A CN 1900941A
- Authority
- CN
- China
- Prior art keywords
- software
- security
- file
- database
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The present invention relates to computer security technology, and is a client end computer security protecting mechanism established around the certificating server based on software identity certification. The present invention includes: 1. establishing security certificating database with the unique flag code as ID; 2. establishing certificating server for providing software security certificating function with the security certificating database as kernel; 3. establishing security policy for limiting the software running in the client end; 4. monitoring the client end computer and extracting the unique ID and submitting it to the certificating server before starting the executable file; 5. inquiring the security certificating database with the certificating server and feeding back the corresponding security information to the client end computer; and 6. the client end computer judging whether to execute the software. Compared with traditional antivirus method, the present invention has more wide protection.
Description
One. technical field
The present invention relates to the Computer Applied Technology field, relate to a kind of guard method of computer security.Utilize this method can set up a kind of infrastructure that the computer safety protective service is provided.Utilize this method also can design a kind of application software that improves computer security.This method is by software on computers the execution of restriction without safety certification, the security that improves computer system.
Two. background technology
Preventing broadcast of computer virus harm, is an important topic of computer safety field.In " Computer Information System Security Protection Ordinance of the People's Republic of China "; the definition of computer virus is: " computer virus is meant establishment or destruction computer function or the data inserted in computer program, influence computing machine use and a set of computer instructions or program code that can self-replacation ".This shows that computer virus can be the executable file of an independent establishment, also can be one group of executable instruction or the program code that inserts in other computer program.No matter virus with which kind of form exists, traditional antivirus software, and the principle of work that all is based on a kind of being called " characteristic matching " is carried out the virus detection.Its principle of work is at first to make the database about virus characteristic in the antivirus software the inside, in virus killing, just the inspection object is scanned one by one according to these virus characteristics, if find the characteristic segments that certain feature in inspected object existence and the known viruse feature database is complementary, just be defined as and find virus.The principle of tradition antivirus software is: stop the operation of known harmful software.Design philosophy is based on the discovery to known non-fail-safe software, only the virus characteristic file that the match is successful is stoped or isolates, so can't realize monitoring to the non-secure file of the unknown.With respect to being for the non-secure file time of occurrence of representative with virus, the killing ability of traditional antivirus software lags behind.Have only this non-fail-safe software of working as to be found, reported, and after being acknowledged as destructiveness, just can include killing scope of traditional antivirus software and so in.Along with the improvement of virus technology, and the development of internet construction, the frequency of occurrences and the velocity of propagation of new virus all are greatly improved.Intrinsic hysteresis quality makes traditional antivirus software novel viral hard to guard against to these, can't thoroughly avoid the generation that endangers.
Another kind of method is based on the thought of file self-shield, for example invention disclosed " software self-protection method of microcomputer virus " (publication number: CN1068205A) and " method for protecting computer software " (publication number: CN1155700A).This method all is to manage to have the information of uniqueness characteristic in file self interpolation, when program brings into operation, check at first whether the current characteristic information of file is consistent with the characteristic information that self stores, and judge that thus whether file is illegally distorted, and then take appropriate measures.These class methods can prevent to a certain extent that software from being revised by Virus, but also exist obvious defects: 1. obviously not being suitable for virus is the situation of independent executable file.In other words, Virus has a style of one's own, and does not revise any file, and then these class methods are powerless; 2. not getting rid of virus can be before program be performed, alter program in advance, and then according to the file status after distorting, making uses the same method recomputates the characteristic information of file, replaces old characteristic information then.
Except taking precautions against virus attack, prevent that the hacker from directly utilizing the design leak of software that computer system is attacked, also be the important topic of current computer security fields.Wherein most typical no more than " buffer zone overflows " leak.Though " buffer zone overflows " attacks is a kind of very attack technology of " ancient " (even " Morris Worm " of in November, 1988 outburst just utilized the principle of " buffer zone overflows "), it is still very big to the security threat of computer system.Antivirus software and can prevent the invasion of virus to a certain extent based on the method for file self-shield, but the directtissima that carries out utilizing software vulnerability is powerless.How to prevent this class attack at present, still none is unified, effective method and instrument depend on the degree of understanding and the level of improving computer system functions of system manager to computer system security basically, and common method is exactly in time to stamp up-to-date system mend.
In addition, along with the development of Internet technology, various " wooden horse " software, ad ware has also brought threat to computer security, and operation has brought inconvenience to user's computer.For enterprise, how to limit the employee and in Intranet, move with work irrelevantly, even the software of potential security hole is arranged, also be a problem demanding prompt solution.
Three. summary of the invention
The purpose of this invention is to provide a kind of based on the software identification; adopt safety certification database and certificate server that software is carried out the computer system security guard method of Collective qualification, make and set up a computing system environments that only allows known believable fail-safe software operation in this way.
The present invention sets up characteristic information and the security information of safety certification database with storing software in advance, and each software of storing in the database all utilizes unique condition code of executable file to identify; And set up server program based on this safety certification database with safety certification function.When certain software in the client computer when being performed, watchdog routine can calculate unique condition code of the executable file of this software, and submits to certificate server.Certificate server searches out the security information and the characteristic information of this software from the safety certification database according to unique condition code, and give watchdog routine these information feedback, whether watchdog routine judges according to the result of feedback whether software satisfies security needs, can continue to carry out.
The present invention has overcome the deficiency of current antivirus software and these two class methods of file self-shield, introduces new thinking 1. and " only allows known believable fail-safe software operation "; 2. by saved software characteristic information and security information in the query set, the security at operating software is just assessed.
" known believable fail-safe software " is meant that the unique condition code of all executable files that 1. these softwares are comprised is present in the certificate server database, 2. authenticate through reliable authoritative institution, this software is not harmful programs such as virus or wooden horse, also not by virus and wooden horse correct, 3. the security level of this software satisfies the requirement of computer environment to software security, do not meet the executable file of above-mentioned arbitrary feature, all be considered as suspicious executable file, need after the special affirmation of user, could carry out.
The present invention both can effectively stop self-existent Virus running paper, also can effectively stop the program file operation of being revised by virus infections, owing to have only " known believable secure file just can be carried out ", not only known virus document can effectively be stoped, and the unknown destructive program that has also has been cut off the path of carrying out.The present invention can also reduce computer system to a certain extent and be subjected to the risk of being attacked because of bug.By the security information of storing on the authentication query server, the system manager can understand leak and the level of security that various softwares may exist in this computer system, thus in feasible scope the upgrade maintenance of implementation system.
Using the present invention can set up a cover computer system security takes good care of infrastructure.For example can set up a safety management platform based on the internet, for the Internet user provides the software information inquiry service, functions such as computer safety protective service.
Use the present invention also can develop the software that a cover is used for the computer system security protection, the centralized and unified protection of enterprise software running environment is provided for enterprise.Enterprise can set up safety certification database and the certificate server of oneself, works out the security strategy that this enterprise is suitable for, the specific running software condition of observing of this enterprise of standard.For example set up and allow the program listing carried out in the enterprise network, forbid that the user carries out the software that has nothing to do with job specification etc. in enterprise network.
Four. description of drawings
Further set forth content of the present invention below by the drawings and specific embodiments:
Fig. 1 is a system construction drawing of implementing the computer environment that the present invention built;
Fig. 2 is under the present invention's control, the detail flowchart of software performing process;
Fig. 3 is the software performing process sketch behind enforcement the present invention.
Five. embodiment
By implementing the present invention, can build a security context that has only known believable software to move.For realize this security context the infrastructure that must build comprise as shown in Figure 1 following three parts:
1. safety certification database;
2. certificate server program;
3. watchdog routine.
The safety certification lane database is stored various Characteristic of Software information and security information.The content of software features information and security information and scope can be adjusted according to the actual needs.In general, characteristic information comprises the title of software, manufacturer, version, the software executable title, purposes of software or the like is safety and security information comprises whether software authenticates, Virus whether, whether trojan horse program exists pregnable leak or the like.Whether whether these information can monitored program be used for judging that certain is about to whether virus of program of carrying out, be maliciously tampered, exist to be easy to the leak attacked, thereby further whether decision allows this program to carry out.And the system manager can assess present computing system environments security from these information accurately, thereby takes rationally, and feasible measure comes system is safeguarded and upgrades.
How each software being identified in the safety certification database is a difficult problem.The present invention adopts unique condition code of executable file to realize this demand.Unique condition code of the pairing executable file of software can be used as the identity characteristic of software.All softwares all are made up of file, and file is from be one group of orderly binary sequence at all.Carry out digital digest by binary sequence and calculate, just can obtain unique condition code of corresponding executable file executable file.The algorithm that can finish this class digital digest calculating comprises MD4, MD5, SHA etc.If any variation takes place in the binary sequence content of executable file, for example have only a binary digit to become 1 from 0, unique condition code of coming out through the digital digest algorithm computation will change.Because the existence of this uniqueness, unique condition code of executable file just can be used as the abundant necessity sign that confirms the software identity.Here related executable file comprises the .exe file, the .dll file, and the .sys file is explained execution script file etc. on the particular platform.
The basic function that the certificate server program need provide comprises: 1. set up and the maintenance safe authentication database, 2. inquire about according to the unique condition code of file that watchdog routine is sent, feedback Characteristic of Software information and security information.
The certificate server program can provide the safety certification database information to collect and the information typing function of modification.According to actual conditions, gather information and typing, the interface of revising information can adopt different means, can carry out automatically, also can manually carry out.The function of certificate server program has very strong extensibility according to the demand of reality, for example can increase the software upgrading suggestion, software security consultant, functions such as software rejuvenation.
Watchdog routine is installed on the computing machine that need carry out the safety certification protection.The basic function that watchdog routine need provide is the implementation of software on the supervisory control comuter, before software is carried out, unique condition code of software for calculation executable file submits to certificate server to authenticate, and according to the feedback information of certificate server whether software is continued to carry out and judge.The system manager works out security strategy according to actual conditions and is used for as the standard of judging whether software can continue to carry out, Virus for example, trojan horse program mustn't move, and whether the program of the unknown or unauthenticated safety is carried out by user decision etc. providing under the prompting prerequisite.Security strategy plays a part to regulate watchdog routine to the computer monitoring dynamics.Watchdog routine can be with system service, and the mode of driver or common process is moved.
Certificate server and watchdog routine can coexist as on same the computing machine, also can be distributed on the different computing machines, can pass through client/server between the two, and perhaps the form of browser/server communicates.Can adopt the various communications protocol that comprise TCP/IP to communicate between the two.
The function of watchdog routine also has very strong extensibility according to the demand of reality, for example can the help system keeper understand computing system environments, understands functions such as current security of system.
Enforcement of the present invention comprises four processes, is respectively:
1. set up the safety certification database
2. set up and the operation certificate server
3. design allows the security strategy of running software
4. install and the operation monitoring program
In the computing machine of implementing the present invention and being protected, the software execution flow journey comprises following seven steps as shown in Figure 2, is respectively:
1. certain software is operated system call;
2. watchdog routine scans the executable file of this software, unique condition code of spanned file;
3. watchdog routine sends to certificate server to the unique condition code of file;
4. certificate server is received unique condition code, the query safe authentication database;
5. certificate server is perhaps given watchdog routine the software information that inquires the message feedback of not finding software;
6. watchdog routine is called security strategy and is compared judgement according to the message of receiving;
7. watchdog routine allows running software or forbids running software according to judged result.
The above is the frame description that the present invention can realize function, the more variation, and all available above content of more function details is a core, add the present invention to, thereby it is more practical to offer user of the present invention, more powerful control ability and service ability.So the change that all are associated improves and application also is included in the spirit and scope of the present invention.
Claims (11)
1. one kind based on the software identification; adopt safety certification database and certificate server that software is carried out the computer system security guard method of Collective qualification, make and set up a computing system environments that only allows known believable fail-safe software operation in this way.
2. method according to claim 1 is characterized in that: the safety certification database is the characteristic information of storing software and the database of security information, and saved software all utilizes unique condition code of executable file to identify in the database.
3. method according to claim 1 is characterized in that: the safety of software is authenticated by certificate server; The basis of authentication is unique condition code of executable file; Certificate server searches out the security information and the characteristic information of this software according to unique condition code from the safety certification database, and gives client monitor process these information feedback.
4. method according to claim 1 is characterized in that: the process of enforcement constitutes (1) by four processes and sets up the safety certification database; (2) set up and move certificate server; (3) design allows the security strategy of running software; (4) also operation monitoring program is installed.
5. method according to claim 1, it is characterized in that: unique condition code of the executable file of employing is the statistical nature of this document, be continuous binary sequence that file is comprised as the input data, calculate the unique deterministic data mode record that has that is obtained through predetermined algorithm.
6. method according to claim 1 is characterized in that: the algorithm that obtains the unique condition code of executable file is a hashing algorithm, MD4 for example, MD5, SHA.
7. method according to claim 1 is characterized in that: the software features information in the safety certification database comprises the title of software, manufacturer, version, software executable title, the purposes of software.
8. method according to claim 1 is characterized in that: the software security information in the safety certification database comprises whether software authenticates and is safety, Virus whether, and whether trojan horse program exists pregnable leak.
9. method according to claim 1 is characterized in that: the executable file that is used to calculate comprises the .exe file, the .dll file, and the .sys file is explained the execution script file on the particular platform.
10. method according to claim 1, it is characterized in that: described watchdog routine, its function comprises the implementation of software on the supervisory control comuter, before software is carried out, unique condition code of software for calculation executable file, submit to certificate server to authenticate, and according to the feedback information of certificate server whether software is continued to carry out and judge.
11. method according to claim 1, it is characterized in that: certificate server and watchdog routine can coexist as on same the computing machine, also can be distributed on the different computing machines, can pass through client/server between the two, perhaps the form of browser/server communicates, and can adopt the various communications protocol that comprise TCP/IP to communicate between the two.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200610078622 CN1900941A (en) | 2006-04-28 | 2006-04-28 | Computer safety protective method based on software identity identifying technology |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 200610078622 CN1900941A (en) | 2006-04-28 | 2006-04-28 | Computer safety protective method based on software identity identifying technology |
Publications (1)
Publication Number | Publication Date |
---|---|
CN1900941A true CN1900941A (en) | 2007-01-24 |
Family
ID=37656828
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 200610078622 Pending CN1900941A (en) | 2006-04-28 | 2006-04-28 | Computer safety protective method based on software identity identifying technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN1900941A (en) |
Cited By (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101667232A (en) * | 2009-07-13 | 2010-03-10 | 北京中软华泰信息技术有限责任公司 | Terminal credible security system and method based on credible computing |
CN101110836B (en) * | 2007-08-23 | 2010-05-19 | 上海交通大学 | Real-time monitoring system authorization management method based on PE document |
CN101924762A (en) * | 2010-08-18 | 2010-12-22 | 奇智软件(北京)有限公司 | Cloud security-based active defense method |
CN101539978B (en) * | 2009-04-29 | 2011-08-17 | 北京飞天诚信科技有限公司 | Software protection method based on space |
CN102195987A (en) * | 2011-05-31 | 2011-09-21 | 成都七巧软件有限责任公司 | Distributed credibility authentication method and system thereof based on software product library |
WO2011124084A1 (en) * | 2010-04-09 | 2011-10-13 | Pan Yanhui | System and method for multi-user cooperative security protection based on cloud calculation |
CN102222183A (en) * | 2011-04-28 | 2011-10-19 | 奇智软件(北京)有限公司 | Mobile terminal software package safety detection method and system thereof |
CN102236752A (en) * | 2010-05-04 | 2011-11-09 | 航天信息股份有限公司 | Trustiness measuring method for installing and upgrading software |
WO2012034349A1 (en) * | 2010-09-14 | 2012-03-22 | Hu Zhishui | Method and system for protecting computer safety |
CN102750476A (en) * | 2012-06-07 | 2012-10-24 | 腾讯科技(深圳)有限公司 | Method and system for identifying file security |
CN102779257A (en) * | 2012-06-28 | 2012-11-14 | 奇智软件(北京)有限公司 | Security detection method and system of Android application program |
CN102799812A (en) * | 2012-06-28 | 2012-11-28 | 腾讯科技(深圳)有限公司 | Method and device for processing application program |
CN102831338A (en) * | 2012-06-28 | 2012-12-19 | 北京奇虎科技有限公司 | Security detection method and system of Android application program |
CN103023884A (en) * | 2012-11-26 | 2013-04-03 | 北京奇虎科技有限公司 | Security data processing method and system |
CN103136470A (en) * | 2013-03-12 | 2013-06-05 | 无锡江南计算技术研究所 | Method of enhancing safety of Java virtual machine |
CN101414997B (en) * | 2007-10-15 | 2013-06-12 | 北京瑞星信息技术有限公司 | Method and apparatus for preventing malevolence program from accessing network |
CN103198253A (en) * | 2013-03-29 | 2013-07-10 | 北京奇虎科技有限公司 | Method and system of file operation |
CN103440455A (en) * | 2011-04-28 | 2013-12-11 | 北京奇虎科技有限公司 | Mobile terminal software package safety detection method and system |
WO2014075504A1 (en) * | 2012-11-14 | 2014-05-22 | 北京奇虎科技有限公司 | Security control method and device for running application |
CN104580161A (en) * | 2014-12-17 | 2015-04-29 | 中国电子科技集团公司第十五研究所 | Security-identity-document-based real-name software authentication method and device |
CN104850775A (en) * | 2014-02-14 | 2015-08-19 | 北京奇虎科技有限公司 | Method and device for assessing safety of application program |
WO2015120756A1 (en) * | 2014-02-14 | 2015-08-20 | 北京奇虎科技有限公司 | Method and device for identifying security of application process |
CN106682504A (en) * | 2015-11-06 | 2017-05-17 | 珠海市君天电子科技有限公司 | Method and device for preventing file from being maliciously edited and electronic equipment |
CN108206741A (en) * | 2016-12-16 | 2018-06-26 | 北京国双科技有限公司 | Verification method, the apparatus and system of service |
CN115208933A (en) * | 2022-07-07 | 2022-10-18 | 成都域卫科技有限公司 | Software application control method, device and storage medium |
-
2006
- 2006-04-28 CN CN 200610078622 patent/CN1900941A/en active Pending
Cited By (40)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101110836B (en) * | 2007-08-23 | 2010-05-19 | 上海交通大学 | Real-time monitoring system authorization management method based on PE document |
CN101414997B (en) * | 2007-10-15 | 2013-06-12 | 北京瑞星信息技术有限公司 | Method and apparatus for preventing malevolence program from accessing network |
CN101539978B (en) * | 2009-04-29 | 2011-08-17 | 北京飞天诚信科技有限公司 | Software protection method based on space |
CN101667232B (en) * | 2009-07-13 | 2014-12-10 | 北京可信华泰信息技术有限公司 | Terminal credible security system and method based on credible computing |
CN101667232A (en) * | 2009-07-13 | 2010-03-10 | 北京中软华泰信息技术有限责任公司 | Terminal credible security system and method based on credible computing |
WO2011124084A1 (en) * | 2010-04-09 | 2011-10-13 | Pan Yanhui | System and method for multi-user cooperative security protection based on cloud calculation |
CN102236752B (en) * | 2010-05-04 | 2014-10-22 | 航天信息股份有限公司 | Trustiness measuring method for installing and upgrading software |
CN102236752A (en) * | 2010-05-04 | 2011-11-09 | 航天信息股份有限公司 | Trustiness measuring method for installing and upgrading software |
CN101924762A (en) * | 2010-08-18 | 2010-12-22 | 奇智软件(北京)有限公司 | Cloud security-based active defense method |
US9916447B2 (en) | 2010-08-18 | 2018-03-13 | Beijing Qihoo Technology Company Limited | Active defense method on the basis of cloud security |
CN103078864B (en) * | 2010-08-18 | 2015-11-25 | 北京奇虎科技有限公司 | A kind of Initiative Defense Ile repair method based on cloud security |
CN101924762B (en) * | 2010-08-18 | 2013-02-27 | 北京奇虎科技有限公司 | Cloud security-based active defense method |
US9177141B2 (en) | 2010-08-18 | 2015-11-03 | Beijing Qihoo Technology Company Limited | Active defense method on the basis of cloud security |
WO2012034349A1 (en) * | 2010-09-14 | 2012-03-22 | Hu Zhishui | Method and system for protecting computer safety |
CN102222183A (en) * | 2011-04-28 | 2011-10-19 | 奇智软件(北京)有限公司 | Mobile terminal software package safety detection method and system thereof |
CN102222183B (en) * | 2011-04-28 | 2013-11-13 | 奇智软件(北京)有限公司 | Mobile terminal software package safety detection method and system thereof |
CN103440455A (en) * | 2011-04-28 | 2013-12-11 | 北京奇虎科技有限公司 | Mobile terminal software package safety detection method and system |
CN102195987B (en) * | 2011-05-31 | 2014-04-30 | 成都七巧软件有限责任公司 | Distributed credibility authentication method and system thereof based on software product library |
CN102195987A (en) * | 2011-05-31 | 2011-09-21 | 成都七巧软件有限责任公司 | Distributed credibility authentication method and system thereof based on software product library |
CN102750476A (en) * | 2012-06-07 | 2012-10-24 | 腾讯科技(深圳)有限公司 | Method and system for identifying file security |
WO2013182073A1 (en) * | 2012-06-07 | 2013-12-12 | 腾讯科技(深圳)有限公司 | Method and system for identifying file security and storage medium |
CN102779257A (en) * | 2012-06-28 | 2012-11-14 | 奇智软件(北京)有限公司 | Security detection method and system of Android application program |
CN102799812A (en) * | 2012-06-28 | 2012-11-28 | 腾讯科技(深圳)有限公司 | Method and device for processing application program |
CN102831338A (en) * | 2012-06-28 | 2012-12-19 | 北京奇虎科技有限公司 | Security detection method and system of Android application program |
CN102831338B (en) * | 2012-06-28 | 2015-09-30 | 北京奇虎科技有限公司 | A kind of safety detection method of Android application program and system |
CN102799812B (en) * | 2012-06-28 | 2015-05-27 | 腾讯科技(深圳)有限公司 | Method and device for processing application program |
WO2014075504A1 (en) * | 2012-11-14 | 2014-05-22 | 北京奇虎科技有限公司 | Security control method and device for running application |
CN103023884B (en) * | 2012-11-26 | 2015-09-16 | 北京奇虎科技有限公司 | Secure data processing method and system |
CN103023884A (en) * | 2012-11-26 | 2013-04-03 | 北京奇虎科技有限公司 | Security data processing method and system |
CN103136470B (en) * | 2013-03-12 | 2015-08-12 | 无锡江南计算技术研究所 | A kind of method strengthening safety of Java virtual machine |
CN103136470A (en) * | 2013-03-12 | 2013-06-05 | 无锡江南计算技术研究所 | Method of enhancing safety of Java virtual machine |
CN103198253B (en) * | 2013-03-29 | 2016-03-30 | 北京奇虎科技有限公司 | The method and system of operating file |
CN103198253A (en) * | 2013-03-29 | 2013-07-10 | 北京奇虎科技有限公司 | Method and system of file operation |
CN104850775A (en) * | 2014-02-14 | 2015-08-19 | 北京奇虎科技有限公司 | Method and device for assessing safety of application program |
WO2015120756A1 (en) * | 2014-02-14 | 2015-08-20 | 北京奇虎科技有限公司 | Method and device for identifying security of application process |
CN104580161A (en) * | 2014-12-17 | 2015-04-29 | 中国电子科技集团公司第十五研究所 | Security-identity-document-based real-name software authentication method and device |
CN106682504A (en) * | 2015-11-06 | 2017-05-17 | 珠海市君天电子科技有限公司 | Method and device for preventing file from being maliciously edited and electronic equipment |
CN106682504B (en) * | 2015-11-06 | 2019-08-06 | 珠海豹趣科技有限公司 | A kind of method, apparatus for preventing file from maliciously being edited and electronic equipment |
CN108206741A (en) * | 2016-12-16 | 2018-06-26 | 北京国双科技有限公司 | Verification method, the apparatus and system of service |
CN115208933A (en) * | 2022-07-07 | 2022-10-18 | 成都域卫科技有限公司 | Software application control method, device and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1900941A (en) | Computer safety protective method based on software identity identifying technology | |
US8543824B2 (en) | Safe distribution and use of content | |
US8578487B2 (en) | System and method for internet security | |
US7712143B2 (en) | Trusted enclave for a computer system | |
US20070016914A1 (en) | Kernel validation layer | |
US20080301051A1 (en) | Internet fraud prevention | |
US8291493B2 (en) | Windows registry modification verification | |
US20100037317A1 (en) | Mehtod and system for security monitoring of the interface between a browser and an external browser module | |
WO2014012106A2 (en) | Method and apparatus for retroactively detecting malicious or otherwise undesirable software as well as clean software through intelligent rescanning | |
JP2005530223A (en) | Methods for automatic configuration and updating of security policies | |
GB2581877A (en) | Detecting obfuscated malware variants | |
US12093385B2 (en) | Zero dwell time process library and script monitoring | |
US20220417255A1 (en) | Managed detection and response system and method based on endpoints | |
KR101089157B1 (en) | System and method for logically separating servers from clients on network using virtualization of client | |
CN101719846A (en) | Security monitoring method, device and system | |
Deng et al. | Lexical analysis for the webshell attacks | |
US7930727B1 (en) | System and method for measuring and enforcing security policy compliance for software during the development process of the software | |
Barlev et al. | Secure yet usable: Protecting servers and Linux containers | |
Supriya et al. | Malware detection techniques: a survey | |
CN113641997A (en) | Safety protection method, device and system for industrial host and storage medium | |
KR20100078738A (en) | Security system and security method at web application server | |
CN110086812B (en) | Safe and controllable internal network safety patrol system and method | |
CN111343000B (en) | System and method for configuring a gateway to protect an automation system | |
CN111538990B (en) | Internet analysis system | |
CN111343084B (en) | System and method for protecting an automation system using a gateway |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C57 | Notification of unclear or unknown address | ||
DD01 | Delivery of document by public notice |
Addressee: Liu Yunxia Document name: Notification before expiration of term |
|
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C57 | Notification of unclear or unknown address | ||
DD01 | Delivery of document by public notice |
Addressee: Liu Yunxia Document name: the First Notification of an Office Action |
|
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20070124 |