Ransomware detection method and device

A detection method and virus technology, applied in the field of mobile information security, can solve the problems of high monitoring cost, impossibility of popularization and poor feasibility, etc., and achieve the effect of low system operation loss, suitable for promotion and use, and low monitoring cost

Inactive Publication Date: 2020-03-31
WUHAN ANTIY MOBILE SECURITY
View PDF4 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

This patented technology uses an anti-ransomwarping (AR) program called Tintable to check if there's no problematic data stored at one computer or server during normal use without causing damage from malicious attacks such as viruses or worms. It can also be used alongside other programs like virus scanning tools to help identify new threats against these systems.

Problems solved by technology

This patented technical problem addressed in this patents relates to finding out if there're any hidden or latently infected computer programs can cause harm due to these types of threats like ransomswarms (ransims) caused by new variants of rentalware.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Ransomware detection method and device
  • Ransomware detection method and device
  • Ransomware detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0027] On May 12, 2017, the wannacry ransomware raided the world, and infrastructure such as schools, hospitals, enterprises, and personal computers in more than 150 countries were attacked, resulting in files being encrypted and computer users being blackmailed; then Petya ransomware appeared and attacked again Infected many countries, resulting in

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a ransomware detection method. The ransomware detection method comprises the following steps: determining a sequence of traversing terminal files by historicalransomware; deploying a stain file on the terminal according to the determined sequence of traversing the terminal file by the historical ransomware so as to ensure that the stain file is traversed before any important file of the terminal is traversed by the ransomware; when it is monitored that the operation state of the stain file is abnormal, obtaining all processes of the terminal at present; and if a certain process meets any specific attribute of the ransomware library, determining a fact that the software corresponding to the process is ransomware. Compared with a method of deployinga stain file on a terminal device and monitoring the ransomware through the API interfaces and monitoring the API interfaces corresponding to the I/O operations, on one hand, when the operation stateof the stain file is monitored, the frequency of obtaining the operation state of the stain file is far lower than the frequency of the I/O operations, so that the monitoring cost is low, and the system operation loss is low; and on the other hand, the operation state monitoring and I/O operation of the taint file are mutually independent, the I/O operation speed is not influenced, and the methodhas relatively high feasibility and is suitable for popularization and application.

Description

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Owner WUHAN ANTIY MOBILE SECURITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap