CN109241734A - Method and system for optimizing the operating efficiency of protection software

Info

Publication number: CN109241734A
Authority: CN (China)
Application number: CN201810911143.6A
Legal status: Pending (as listed by Google Patents; not a legal conclusion)
Other languages: Chinese (zh)
Inventors: 陈晶鑫, 朱兴, 吴磊, 史海嵘, 林亮成
Current assignee: Aisino Corp
Original assignee: Aisino Corp
Application filed by: Aisino Corp
Prior art keywords: software, list, monitoring, blacklist, white list

Classifications

    • G: PHYSICS
    • G06: COMPUTING OR CALCULATING; COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55: Detecting local intrusion or implementing counter-measures
    • G06F21/56: Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/552: Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting

Abstract

The invention discloses a method and system for optimizing the operating efficiency of protection software. The method comprises: classifying the software on a computer into a whitelist, a graylist and a blacklist according to preset rules; injecting the protection software into all blacklisted software and all graylisted software; monitoring the software into which the protection software has been injected; if monitoring confirms that any software in the graylist exhibits malicious behavior, reclassifying that software into the blacklist; and if any software in the graylist exhibits no malicious behavior within a preset monitoring time, reclassifying that software into the whitelist. By classifying the software on the computer, the method and system identify the software that needs protection, and inject into and monitor that software. The classification results are updated dynamically by analyzing and processing the monitoring results in real time, so as to obtain an optimal monitoring scheme. This greatly reduces the number of programs into which the protection software is injected and ensures comprehensive and accurate monitoring at low resource consumption.

Description

Method and system for optimizing the operating efficiency of protection software
Technical field
The present invention relates to the field of software technology, and more particularly to a method and system for optimizing the operating efficiency of protection software.
Background
As Internet technology develops, computers bring a number of hidden dangers along with convenience. Hackers can attack a user's computer over the Internet to steal personal information or paralyze the machine, and some malicious software is downloaded without the user's knowledge and then covertly operates on or alters the computer for various purposes. These situations seriously degrade the user experience, cause inconvenience, and can even put personal information and property at risk. To avoid them, user computers generally run protection software.
Protection software is generally implemented by injecting into other software and intercepting its Windows API calls. Injection, however, incurs considerable additional overhead: if the user's computer runs many programs and every one of them must be injected, the computer's performance drops sharply and the user experience suffers badly.
Summary of the invention
When protection software injects into all software to provide security protection, the resulting system overhead sharply degrades computer performance. To solve this problem in the background art, the present invention provides a method and system for optimizing the operating efficiency of protection software. The method and system inject into and monitor in real time only the software that needs protection and, through dynamic list management, gradually reduce the amount of software that must be injected, thereby improving computer performance. The method for optimizing the operating efficiency of protection software comprises:
Classifying the software on the computer into a whitelist, a graylist and a blacklist according to preset rules; the software classified into the whitelist is software confirmed to have no malicious behavior, the software classified into the blacklist is software confirmed to have malicious behavior, and the software classified into the graylist is software for which the presence of malicious behavior has yet to be confirmed;
Injecting the protection software into all blacklisted software and all graylisted software;
Monitoring the software into which the protection software has been injected;
If monitoring confirms that any software in the graylist exhibits malicious behavior, reclassifying that software into the blacklist;
If any software in the graylist exhibits no malicious behavior within the preset monitoring time, reclassifying that software into the whitelist.
Further, N pieces of software in the whitelist are randomly selected, and the protection software is injected into these N pieces of whitelisted software to monitor them; the number N is determined as a preset proportion of the total number of whitelisted software.
Further, the monitoring results are uploaded to a server; the server scores the malicious behavior of the software in the graylist according to preset rules and decides, based on the scoring result, whether to reclassify the software in the graylist into the blacklist.
Further, a base score is preset for each piece of software in the graylist; the scores corresponding to the one or more malicious behaviors that the graylisted software exhibits during monitoring are added to the base score to obtain a post-monitoring score; if the post-monitoring score is higher than a preset blacklist threshold, the software is reclassified into the blacklist; if it is not higher than the preset blacklist threshold, the post-monitoring score is used as the software's base score for the next round of monitoring.
Further, a base score is preset for each piece of software in the graylist; when graylisted software exhibits no malicious behavior within the preset monitoring time, a preset value is subtracted from the software's base score to obtain a post-monitoring score; if the post-monitoring score is lower than a preset whitelist threshold, the software is reclassified into the whitelist; if it is not lower than the preset whitelist threshold, the post-monitoring score is used as the software's base score for the next round of monitoring.
Further, a base score is preset for each piece of whitelisted software that has been selected; if whitelisted software exhibits malicious behavior during monitoring, the scores corresponding to the one or more malicious behaviors it exhibits are added to the base score to obtain a post-monitoring score; if the post-monitoring score is higher than the preset whitelist threshold, the software is reclassified into the graylist; if it is not higher than the preset whitelist threshold, the software continues to be monitored, and the post-monitoring score is used as the software's base score for the next round of monitoring.
A system for optimizing the operating efficiency of protection software comprises:
A list classification unit, which classifies the software on the computer into a whitelist, a graylist and a blacklist according to preset rules; the software classified into the whitelist is software confirmed to have no malicious behavior, the software classified into the blacklist is software confirmed to have malicious behavior, and the software classified into the graylist is software for which the presence of malicious behavior has yet to be confirmed;
A protection monitoring unit, which injects the protection software into all blacklisted software and all graylisted software; the protection monitoring unit monitors the software into which the protection software has been injected and outputs the monitoring results;
A classification updating unit, which reclassifies the monitored software among the lists according to the monitoring results from the protection monitoring unit; if monitoring confirms that any software in the graylist exhibits malicious behavior, that software is reclassified into the blacklist; if any software in the graylist exhibits no malicious behavior within the preset monitoring time, that software is reclassified into the whitelist.
Further, the protection monitoring unit randomly selects N pieces of software in the whitelist and injects the protection software into these N pieces of whitelisted software to monitor them; the number N is determined as a preset proportion of the total number of whitelisted software.
Further, the protection monitoring unit uploads the monitoring results to the classification updating unit; the classification updating unit scores the malicious behavior of the software in the graylist according to preset rules and decides, based on the scoring result, whether to reclassify the software in the graylist into the blacklist.
Further, the classification updating unit presets a base score for each piece of software in the graylist and adds the scores corresponding to the one or more malicious behaviors that the graylisted software exhibits during monitoring to the base score to obtain a post-monitoring score; if the post-monitoring score is higher than the preset blacklist threshold, the software is reclassified into the blacklist; if it is not higher than the preset blacklist threshold, the post-monitoring score is used as the software's base score for the next round of monitoring.
Further, the classification updating unit presets a base score for each piece of software in the graylist; when graylisted software exhibits no malicious behavior within the preset monitoring time, a preset value is subtracted from the software's base score to obtain a post-monitoring score; if the post-monitoring score is lower than the preset whitelist threshold, the software is reclassified into the whitelist; if it is not lower than the preset whitelist threshold, the post-monitoring score is used as the software's base score for the next round of monitoring.
Further, the classification updating unit presets a base score for each piece of whitelisted software selected by the protection monitoring unit; if whitelisted software exhibits malicious behavior during monitoring, the scores corresponding to the one or more malicious behaviors it exhibits are added to the base score to obtain a post-monitoring score; if the post-monitoring score is higher than the preset whitelist threshold, the software is reclassified into the graylist; if it is not higher than the preset whitelist threshold, the software continues to be monitored, and the post-monitoring score is used as the software's base score for the next round of monitoring.
The beneficial effects of the invention are as follows. The technical solution of the present invention provides a method and system for optimizing the operating efficiency of protection software. By classifying the software on the computer, the method and system identify the software that needs protection, and then inject into and monitor that software. The classification results are updated dynamically by analyzing and processing the monitoring results in real time, so as to obtain an optimal monitoring scheme. The method and system greatly reduce the number of programs into which the protection software is injected, so that the protection software consumes only a very small share of the user computer's performance, and the dynamic management of the software lists ensures comprehensive and accurate monitoring at low resource consumption.
Brief description of the drawings
Exemplary embodiments of the present invention can be understood more fully with reference to the following drawings:
Fig. 1 is a flow chart of a method for optimizing the operating efficiency of protection software according to a specific embodiment of the invention;
Fig. 2 is a structural diagram of a system for optimizing the operating efficiency of protection software according to a specific embodiment of the invention.
Detailed description of the embodiments
Exemplary embodiments of the present invention are now described with reference to the drawings. The present invention can, however, be implemented in many different forms and is not limited to the embodiments described here; these embodiments are provided so that the invention is disclosed thoroughly and completely and its scope is fully conveyed to those of ordinary skill in the art. The terms used in the exemplary embodiments illustrated in the drawings do not limit the invention. In the drawings, identical units or elements carry identical reference numerals.
Unless otherwise indicated, the terms used here (including scientific and technical terms) have the meaning commonly understood by those of ordinary skill in the art. Terms defined in commonly used dictionaries should be understood as having a meaning consistent with the context of the relevant field and should not be interpreted in an idealized or overly formal sense.
Fig. 1 is a flow chart of a method for optimizing the operating efficiency of protection software according to a specific embodiment of the invention. As shown in Fig. 1, the method comprises:
Step 110: classify the software on the computer into a whitelist, a graylist and a blacklist according to preset rules;
The software classified into the whitelist is software confirmed to have no malicious behavior, the software classified into the blacklist is software confirmed to have malicious behavior, and the software classified into the graylist is software for which the presence of malicious behavior has yet to be confirmed;
Malicious behavior means installing and running on the user's computer or other terminal, tampering with settings and the like, without clearly prompting the user or without the user's permission, thereby infringing the user's legitimate rights and interests; for example: forced installation, difficulty uninstalling, browser hijacking, advertisement pop-ups, malicious collection of user information, malicious uninstallation, malicious bundling, and so on;
The preset rules include classifying according to the software's historical reputation and historical behavior records, and confirming the list classification according to the optimization result of the previous period;
Step 120: inject the protection software into all blacklisted software and all graylisted software;
The software in the graylist is the focus of attention: whether it exhibits malicious behavior is unknown, so it poses a risk. The software in the blacklist has been determined to have exhibited malicious behavior; the user is given a security prompt for software placed on the blacklist, recommending that it be deleted or blocked;
Step 130: monitor the software into which the protection software has been injected;
Further, N pieces of software in the whitelist are randomly selected, and the protection software is injected into these N pieces of whitelisted software to monitor them; the number N is determined as a preset proportion of the total number of whitelisted software. The software in the whitelist has been determined, from its historical behavior records, not to have exhibited malicious behavior, but there remains a risk that malicious behavior will occur, so the whitelist also needs to be monitored by spot checks. The number of spot checks is determined by a preset proportion, and the selection rule can be random selection or rotation.
Step 140: if monitoring confirms that any software in the graylist exhibits malicious behavior, reclassify that software into the blacklist;
If any software in the graylist exhibits no malicious behavior within the preset monitoring time, reclassify that software into the whitelist.
Further, the method also comprises: uploading the monitoring results to a server; the server scores the malicious behavior of the software in the graylist according to preset rules and decides, based on the scoring result, whether to reclassify the software in the graylist into the blacklist.
A base score is preset for each piece of software in the graylist; the scores corresponding to the one or more malicious behaviors that the graylisted software exhibits during monitoring are added to the base score to obtain a post-monitoring score; if the post-monitoring score is higher than the preset blacklist threshold, the software is reclassified into the blacklist; if it is not higher than the preset blacklist threshold, the post-monitoring score is used as the software's base score for the next round of monitoring.
A base score is preset for each piece of software in the graylist; when graylisted software exhibits no malicious behavior within the preset monitoring time, a preset value is subtracted from the software's base score to obtain a post-monitoring score; if the post-monitoring score is lower than the preset whitelist threshold, the software is reclassified into the whitelist; if it is not lower than the preset whitelist threshold, the post-monitoring score is used as the software's base score for the next round of monitoring.
A base score is preset for each piece of whitelisted software that has been selected; if whitelisted software exhibits malicious behavior during monitoring, the scores corresponding to the one or more malicious behaviors it exhibits are added to the base score to obtain a post-monitoring score; if the post-monitoring score is higher than the preset whitelist threshold, the software is reclassified into the graylist; if it is not higher than the preset whitelist threshold, the software continues to be monitored, and the post-monitoring score is used as the software's base score for the next round of monitoring.
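The graylist, blacklist and sampled-whitelist scoring rules of steps 110 to 140, sketched as an added Python example that is not code from the patent. Every number (behavior scores, thresholds, decrement, sampling ratio, base scores), the rounding of N and the program names are constructed assumptions; the patent only calls these values "preset".

```python
import math
import random
from dataclasses import dataclass

WHITE, GRAY, BLACK = "white", "gray", "black"

# Constructed values for illustration only (the patent gives no numbers).
BEHAVIOR_SCORES = {
    "browser_hijack": 40,
    "ad_popup": 15,
    "collects_user_info": 50,
    "hard_to_uninstall": 20,
    "bundled_install": 25,
}
BLACK_THRESHOLD = 100   # graylisted software moves to black above this score
WHITE_THRESHOLD = 20    # gray -> white below this; sampled white -> gray above this
CLEAN_DECREMENT = 10    # subtracted after a monitoring window with no malicious behavior
SAMPLE_RATIO = 0.25     # share of the whitelist spot-checked per round
BASE_SCORE = {WHITE: 0, GRAY: 50, BLACK: BLACK_THRESHOLD + 1}


@dataclass
class Entry:
    list_name: str
    score: int


class ListManager:
    """Dynamic list management: decides what to inject and reclassifies after each round."""

    def __init__(self, initial, seed=None):
        # initial: {program name: list name}, i.e. the result of the step 110 classification
        self.entries = {n: Entry(l, BASE_SCORE[l]) for n, l in initial.items()}
        self.rng = random.Random(seed)

    def members(self, list_name):
        return sorted(n for n, e in self.entries.items() if e.list_name == list_name)

    def injection_targets(self):
        """All blacklisted and graylisted software plus N randomly sampled whitelisted programs."""
        whites = self.members(WHITE)
        n = math.ceil(len(whites) * SAMPLE_RATIO)  # rounding up is an assumption
        return self.members(BLACK) + self.members(GRAY) + self.rng.sample(whites, n)

    def apply_round(self, observations):
        """observations: {name: [behaviors seen in one monitoring window]} for monitored software.

        Returns the reclassifications as (name, old_list, new_list) tuples. The
        post-monitoring score is kept as the base score for the next round.
        """
        moves = []
        for name, behaviors in observations.items():
            entry = self.entries[name]
            old = entry.list_name
            if old == BLACK:
                continue  # already confirmed malicious; nothing to rescore
            if behaviors:
                entry.score += sum(BEHAVIOR_SCORES[b] for b in behaviors)
                if old == GRAY and entry.score > BLACK_THRESHOLD:
                    entry.list_name = BLACK
                elif old == WHITE and entry.score > WHITE_THRESHOLD:
                    entry.list_name = GRAY
            elif old == GRAY:
                entry.score -= CLEAN_DECREMENT
                if entry.score < WHITE_THRESHOLD:
                    entry.list_name = WHITE
            if entry.list_name != old:
                moves.append((name, old, entry.list_name))
        return moves


def run_demo():
    """Four monitoring rounds over a constructed software inventory."""
    mgr = ListManager({
        "adware.exe": BLACK, "toolbar.exe": GRAY, "updater.exe": GRAY,
        "editor.exe": WHITE, "calc.exe": WHITE, "browser.exe": WHITE, "paint.exe": WHITE,
    }, seed=1)
    injected_before = len(mgr.injection_targets())
    rounds = [  # constructed observations; editor.exe is assumed to be in the spot-check sample
        {"toolbar.exe": ["browser_hijack", "ad_popup"], "updater.exe": [], "editor.exe": ["ad_popup"]},
        {"updater.exe": [], "editor.exe": ["ad_popup"]},
        {"updater.exe": [], "editor.exe": []},
        {"updater.exe": []},
    ]
    moves = [mgr.apply_round(obs) for obs in rounds]
    return {
        "injected_before": injected_before,
        "injected_after": len(mgr.injection_targets()),
        "moves": moves,
        "white": mgr.members(WHITE), "gray": mgr.members(GRAY), "black": mgr.members(BLACK),
        "scores": {n: e.score for n, e in mgr.entries.items()},
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, value)
```

In this run only 4 of the 7 programs are injected per round, and a single pop-up from a whitelisted program is not enough to demote it; the carried-over score is what lets the second occurrence cross the threshold.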
Fig. 2 shows a system for optimizing the operating efficiency of protection software according to a specific embodiment of the invention. The system comprises:
A list classification unit 210, which classifies the software on the computer into a whitelist, a graylist and a blacklist according to preset rules; the software classified into the whitelist is software confirmed to have no malicious behavior, the software classified into the blacklist is software confirmed to have malicious behavior, and the software classified into the graylist is software for which the presence of malicious behavior has yet to be confirmed;
A protection monitoring unit 220, which injects the protection software into all blacklisted software and all graylisted software; the protection monitoring unit 220 monitors the software into which the protection software has been injected and outputs the monitoring results;
The protection monitoring unit 220 randomly selects N pieces of software in the whitelist and injects the protection software into these N pieces of whitelisted software to monitor them; the number N is determined as a preset proportion of the total number of whitelisted software.
The protection monitoring unit 220 uploads the monitoring results to the classification updating unit; the classification updating unit scores the malicious behavior of the software in the graylist according to preset rules and decides, based on the scoring result, whether to reclassify the software in the graylist into the blacklist.
A classification updating unit 230, which reclassifies the monitored software among the lists according to the monitoring results from the protection monitoring unit 220; if monitoring confirms that any software in the graylist exhibits malicious behavior, that software is reclassified into the blacklist; if any software in the graylist exhibits no malicious behavior within the preset monitoring time, that software is reclassified into the whitelist.
The classification updating unit 230 presets a base score for each piece of software in the graylist and adds the scores corresponding to the one or more malicious behaviors that the graylisted software exhibits during monitoring to the base score to obtain a post-monitoring score; if the post-monitoring score is higher than the preset blacklist threshold, the software is reclassified into the blacklist; if it is not higher than the preset blacklist threshold, the post-monitoring score is output to the list classification unit 210 as the software's base score for the next round of monitoring.
The classification updating unit 230 presets a base score for each piece of software in the graylist; when graylisted software exhibits no malicious behavior within the preset monitoring time, a preset value is subtracted from the software's base score to obtain a post-monitoring score; if the post-monitoring score is lower than the preset whitelist threshold, the software is reclassified into the whitelist; if it is not lower than the preset whitelist threshold, the post-monitoring score is output to the list classification unit 210 as the software's base score for the next round of monitoring.
The classification updating unit 230 presets a base score for each piece of whitelisted software selected by the protection monitoring unit 220; if whitelisted software exhibits malicious behavior during monitoring, the scores corresponding to the one or more malicious behaviors it exhibits are added to the base score to obtain a post-monitoring score; if the post-monitoring score is higher than the preset whitelist threshold, the software is reclassified into the graylist; if it is not higher than the preset whitelist threshold, the software continues to be monitored, and the post-monitoring score is output to the list classification unit 210 as the software's base score for the next round of monitoring.
Numerous specific details are set forth in the description provided here. It should be understood, however, that embodiments of the disclosure can be practiced without these specific details. In some instances, well-known methods, structures and techniques are not shown in detail so as not to obscure the understanding of this specification.
Those skilled in the art will understand that the modules of the devices in an embodiment can be adaptively changed and arranged in one or more devices different from that embodiment. The modules, units or components of an embodiment can be combined into one module, unit or component, and can furthermore be divided into multiple sub-modules, sub-units or sub-components. Except where at least some of such features and/or processes or units are mutually exclusive, all features disclosed in this specification (including the accompanying claims, abstract and drawings) and all processes or units of any method or device so disclosed may be combined in any combination. Unless expressly stated otherwise, each feature disclosed in this specification (including the accompanying claims, abstract and drawings) may be replaced by an alternative feature serving the same, equivalent or similar purpose. The step numbers used in this specification serve only to distinguish the steps and do not limit the temporal or logical relationship between them; unless the context clearly limits it, the relationship between steps includes all possible cases.
In addition, those skilled in the art will appreciate that although some embodiments described here include certain features that are included in other embodiments rather than other features, combinations of features of different embodiments are within the scope of the disclosure and form different embodiments. For example, any of the embodiments claimed in the claims can be used in any combination.
The various component embodiments of the disclosure can be implemented in hardware, in software modules running on one or more processors, or in a combination thereof. The disclosure can also be implemented as a device or system program (for example, a computer program or computer program product) for executing part or all of the method described here. Such a program implementing the disclosure can be stored on a computer-readable medium or can take the form of one or more signals. Such a signal can be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
It should be noted that the above embodiments illustrate rather than limit the disclosure, and that those skilled in the art can design alternative embodiments without departing from the scope of the appended claims. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of multiple such elements. The disclosure can be implemented by means of hardware comprising several distinct elements and by means of a suitably programmed computer. In a unit claim enumerating several systems, several of these systems can be embodied by one and the same item of hardware.
The above are only specific embodiments of the disclosure. It should be noted that those of ordinary skill in the art can make several improvements, modifications and variations without departing from the spirit of the disclosure, and these improvements, modifications and variations shall be regarded as falling within the scope of protection of this application.

Claims (12)

1. a kind of securing software operational efficiency optimization method, which comprises
It will be in the software classification in computer to white list, gray list and blacklist according to preset rules;It is classified to described white Software in list is the software for confirming the behavior that means no harm, and the software for being classified to the blacklist is that there are malicious acts for confirmation Software, the software for being classified to the gray list is the software to be confirmed with the presence or absence of malicious act;
Securing software is injected into all blacklist softwares and all gray list softwares;
The software of injection securing software is monitored;
If there are malicious acts through monitoring confirmation for any software in the gray list, which is reclassified to blacklist In;
The behavior if any software in the gray list means no harm in preset monitoring time, by the software reclassify to In white list.
2. according to the method described in claim 1, it is characterized by: randomly select N number of software in white list, and will protect soft Part is injected into N number of white list software and is monitored;The quantity N accounts for of white list software sum according to preset ratio Number confirmation.
3. according to the method described in claim 1, it is characterized by: the monitoring result is uploaded to server, the service Device scores according to malicious act of the preset rules to the software in gray list, and according to the appraisal result determine whether by Software in the gray list is reclassified to blacklist.
4. according to the method described in claim 3, being commented it is characterized by: presetting basis to each software in the gray list Point, by one or more malicious acts of the software in the gray list in monitoring it is corresponding scoring with the basic score into Row superposition, scores after being monitored;If scoring is higher than default blacklist threshold value after the monitoring, the software is reclassified To blacklist;If not higher than default blacklist threshold value, by the basis monitored as the software of scoring after the monitoring next time Scoring.
5. according to the method described in claim 3, being commented it is characterized by: presetting basis to each software in the gray list Point, the software in the gray list is meant no harm in preset monitoring time behavior when, the basis of software scoring on subtract Preset fractional value scores after being monitored;If score is lower than default white list threshold value after the monitoring, by the software weight Newly it is classified to white list;If being not below default white list threshold value, scoring after the monitoring is monitored next time as the software Basic score.
6. according to the method described in claim 2, it is characterized by: pre- to each of the white list being drawn into software If basic score, if there are malicious acts in monitoring for the software in the white list, the software in the white list is being supervised The corresponding scoring of one or more malicious acts in survey is overlapped with the basic score, is scored after being monitored;If institute Score is higher than default white list threshold value after stating monitoring, then reclassifies the software to gray list;If not higher than white name is preset Single threshold, the software need to continue to monitor, and by the basic score that monitors as the software of scoring after the monitoring next time.
7. A securing software operational efficiency optimization system, the system comprising:
a list classification unit, configured to classify the software in a computer into a white list, a gray list and a blacklist according to preset rules; software classified into the white list is software confirmed to have no malicious behavior, software classified into the blacklist is software confirmed to have malicious behavior, and software classified into the gray list is software for which it has yet to be confirmed whether malicious behavior exists;
a protection monitoring unit, configured to inject securing software into all blacklist software and all gray list software; the protection monitoring unit is further configured to monitor the software into which securing software has been injected, and to output a monitoring result;
a classification updating unit, configured to reclassify the monitored software among the lists according to the monitoring result data of the protection monitoring unit; if any software in the gray list is confirmed by monitoring to have malicious behavior, that software is reclassified into the blacklist; if any software in the gray list exhibits no malicious behavior within the preset monitoring time, that software is reclassified into the white list.
8. The system according to claim 7, characterized in that: the protection monitoring unit is configured to randomly select N software items from the white list, and to inject securing software into the N white list software items and monitor them; the quantity N is determined as a preset proportion of the total number of software items in the white list.
9. The system according to claim 7, characterized in that: the protection monitoring unit uploads the monitoring result to the classification updating unit, and the classification updating unit scores the malicious behavior of the software in the gray list according to preset rules, and determines according to the scoring result whether to reclassify the software in the gray list into the blacklist.
10. The system according to claim 9, characterized in that: the classification updating unit is configured to preset a base score for each software in the gray list, and to add the scores corresponding to the one or more malicious behaviors exhibited by the software in the gray list during monitoring to the base score to obtain a post-monitoring score; if the post-monitoring score is higher than a preset blacklist threshold, the software is reclassified into the blacklist; if it is not higher than the preset blacklist threshold, the post-monitoring score is used as the base score for the software's next monitoring.
11. The system according to claim 9, characterized in that: the classification updating unit is configured to preset a base score for each software in the gray list, and, when the software in the gray list exhibits no malicious behavior within the preset monitoring time, to subtract a preset score value from the software's base score to obtain a post-monitoring score; if the post-monitoring score is lower than a preset white list threshold, the software is reclassified into the white list; if it is not lower than the preset white list threshold, the post-monitoring score is used as the base score for the software's next monitoring.
12. The system according to claim 8, characterized in that: the classification updating unit is configured to preset a base score for each software that the protection monitoring unit draws from the white list; if the software in the white list exhibits malicious behavior during monitoring, the scores corresponding to the one or more malicious behaviors exhibited by the software in the white list during monitoring are added to the base score to obtain a post-monitoring score; if the post-monitoring score is higher than a preset white list threshold, the software is reclassified into the gray list; if it is not higher than the preset white list threshold, the software continues to be monitored, and the post-monitoring score is used as the base score for the software's next monitoring.
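The score-carrying reclassification of claims 4 to 6 (mirrored by system claims 10 to 12) and the proportional white-list sampling of claim 8, as an added Python example that is not part of the patent text. The behavior names, score values, thresholds, decrement, sampling ratio and rounding rule are constructed assumptions, since the claims only call them "preset".

```python
import math
import random
from dataclasses import dataclass

# Constructed values: the claims only call these "preset"; none come from the patent.
BEHAVIOR_SCORES = {"unsigned_network_listener": 10, "modify_autostart": 25,
                   "inject_remote_thread": 40}
BLACKLIST_THRESHOLD = 100    # gray -> black when the score rises above this
WHITELIST_THRESHOLD = 20     # gray -> white below this, white -> gray above it
CLEAN_PERIOD_DECREMENT = 15  # subtracted after a monitoring period with no findings
WHITELIST_SAMPLE_RATIO = 0.25


@dataclass
class Software:
    name: str
    category: str    # "white", "gray" or "black"
    base_score: int  # carried from one monitoring period to the next


def update(sw, observed):
    """Apply one monitoring period's observed behaviors to sw and return it."""
    # An unknown behavior name raises KeyError rather than silently scoring 0.
    added = sum(BEHAVIOR_SCORES[b] for b in observed)
    if sw.category == "gray" and observed:        # claim 4
        sw.base_score += added
        if sw.base_score > BLACKLIST_THRESHOLD:
            sw.category = "black"
    elif sw.category == "gray":                   # claim 5: clean period
        sw.base_score -= CLEAN_PERIOD_DECREMENT
        if sw.base_score < WHITELIST_THRESHOLD:
            sw.category = "white"
    elif sw.category == "white" and observed:     # claim 6: sampled white-list item
        sw.base_score += added
        if sw.base_score > WHITELIST_THRESHOLD:
            sw.category = "gray"
    return sw  # claims 3 to 12 define no score-based exit from the blacklist


def sample_whitelist(items, rng):
    """Pick N white-list items to monitor, N being a preset share of the list (claim 8)."""
    whites = [s for s in items if s.category == "white"]
    n = math.ceil(len(whites) * WHITELIST_SAMPLE_RATIO)  # rounding up is an assumption
    return rng.sample(whites, n)


if __name__ == "__main__":
    app = Software("updater.exe", "gray", 50)     # constructed sample
    for period in (["modify_autostart"], ["inject_remote_thread"]):
        print(update(app, period))
    print(sample_whitelist([Software(f"w{i}", "white", 0) for i in range(8)], random.Random(0)))
```

Because the post-monitoring score becomes the next base score, repeated low-scoring behaviors accumulate toward the blacklist threshold across periods instead of being judged one period at a time.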
CN201810911143.6A 2018-08-10 2018-08-10 A kind of securing software operational efficiency optimization method and system Pending CN109241734A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810911143.6A CN109241734A (en) 2018-08-10 2018-08-10 A kind of securing software operational efficiency optimization method and system

Publications (1)

Publication Number Publication Date
CN109241734A true CN109241734A (en) 2019-01-18

Family

ID=65070245

Country Status (1)

Country Link
CN (1) CN109241734A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190118