CN115130126A - Data protection method and device, electronic equipment and computer readable storage medium - Google Patents

Data protection method and device, electronic equipment and computer readable storage medium Download PDF

Info

Publication number
CN115130126A
CN115130126A CN202210806841.6A CN202210806841A CN115130126A CN 115130126 A CN115130126 A CN 115130126A CN 202210806841 A CN202210806841 A CN 202210806841A CN 115130126 A CN115130126 A CN 115130126A
Authority
CN
China
Prior art keywords
data
protected
executable file
calling information
specified
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210806841.6A
Other languages
Chinese (zh)
Inventor
朱庆芬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Original Assignee
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Topsec Technology Co Ltd, Beijing Topsec Network Security Technology Co Ltd, Beijing Topsec Software Co Ltd filed Critical Beijing Topsec Technology Co Ltd
Priority to CN202210806841.6A priority Critical patent/CN115130126A/en
Publication of CN115130126A publication Critical patent/CN115130126A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides a data protection method, a data protection device, electronic equipment and a computer readable storage medium, and relates to the field of computers. The data protection method comprises the following steps: acquiring data to be protected and calling information, wherein the calling information is used for indicating an executable file to call the data to be protected; and storing the data to be protected and the calling information to a specified data section in the executable file, so that the data to be protected is stored in the executable file. By storing the data to be protected into the executable file, the executable file obtains the data to be protected by calling information instead of directly obtaining the data from the disk when reading the data to be protected, so that an original file of the data to be protected in the disk cannot be found in a debugging and tracking manner, and the safety of the data to be protected is further improved.

Description

Data protection method and device, electronic equipment and computer readable storage medium
Technical Field
The present application relates to the field of computers, and in particular, to a data protection method, apparatus, electronic device, and computer-readable storage medium.
Background
Resource files used by executable files, such as pictures, videos, and other data, are becoming more valuable and security is also receiving more attention.
At present, a resource file used by an executable file is usually encrypted, and then the encrypted resource file is stored in a storage medium such as a disk, and the encrypted file is read when being used. However, in this way, the original content of the resource file is easily obtained through the debug trace, so that the security of the resource file cannot be guaranteed.
Disclosure of Invention
The application provides a data protection method, a data protection device, electronic equipment and a computer readable storage medium, which are used for solving the problem that in the prior art, the original content of a resource file is easy to obtain through debugging and tracking, so that the security of the resource file cannot be guaranteed.
In a first aspect, the present application provides a data protection method, including: acquiring data to be protected and calling information, wherein the calling information is used for indicating an executable file to call the data to be protected; and storing the data to be protected and the calling information to a specified data section in the executable file, so that the data to be protected is stored in the executable file.
In the embodiment of the application, the data to be protected is stored in the executable file, so that when the executable file reads the data to be protected, the data to be protected is obtained by calling the information instead of directly obtaining the data from the disk, an original file of the data to be protected in the disk cannot be found in a debugging and tracking manner, and the security of the data to be protected is further improved.
With reference to the technical solution provided by the first aspect, in some possible implementations, the storing the data to be protected and the call information to a specified data segment in the executable file includes: newly adding a specified program header and the specified data segment in the executable file, wherein the specified program header is used for recording the address of the specified data segment; and storing the data to be protected and the calling information to the specified data section.
In the embodiment of the application, the address of the specified data segment is recorded in the specified program header, so that the data to be protected can be found through the address of the specified data segment, and when the data to be protected needs to be called, the data to be protected can be quickly found through the address of the specified data segment.
With reference to the technical solution provided by the first aspect, in some possible implementations, the storing the data to be protected and the call information to a specified data segment in the executable file includes: encrypting the data to be protected; and storing the encrypted data to be protected, the calling information and the decryption algorithm to the specified data section in the executable file.
In the embodiment of the application, the security of the data to be protected can be further improved by encrypting the data to be protected. Meanwhile, a decryption algorithm is stored in the specified data segment, and the encrypted data to be protected can be obtained and then decrypted by the decryption algorithm to obtain the data to be protected.
With reference to the technical solution provided by the first aspect, in some possible implementations, the storing the encrypted data to be protected, the call information, and the decryption algorithm in the designated data segment of the executable file includes: and sequentially storing the encrypted data to be protected, the calling information and the decryption algorithm to the designated data section in the executable file according to the sequence of the encrypted data to be protected, the calling information and the decryption algorithm.
In the embodiment of the application, the encrypted data to be protected, the encrypted calling information and the encrypted decryption algorithm are sequentially stored to the designated data section in the executable file, and the stored data to be protected, the encrypted calling information and the encrypted decryption algorithm are conveniently and subsequently searched, so that the searching efficiency is improved.
With reference to the technical solution provided by the first aspect, in some possible implementations, after the acquiring the data to be protected, the method further includes: and deleting the local data to be protected.
In the embodiment of the application, after the local data to be protected is obtained, the local data to be protected is deleted, so that the local data to be protected can be effectively prevented from being leaked, and the safety of the data to be protected is improved.
With reference to the technical solution provided by the first aspect, in some possible implementations, when the method is applied to the executable file, the method further includes: the executable file receives a calling instruction and acquires calling information corresponding to the calling instruction; and the executable file calls the data to be protected according to the calling information.
In the embodiment of the application, after the executable file receives the call instruction, the data to be protected can be called according to the call information corresponding to the call instruction, and because the executable file does not directly acquire the data to be protected, the original file of the data to be protected in a disk can be prevented from being found in a debugging and tracking mode, and the safety of the data to be protected is further improved.
In a second aspect, the present application provides a data protection apparatus, comprising: the device comprises an acquisition unit, a storage unit and a processing unit, wherein the acquisition unit is used for acquiring data to be protected and calling information, and the calling information is used for indicating an executable file to call the data to be protected; and the storage unit is used for storing the data to be protected and the calling information to a specified data section in the executable file, so that the data to be protected is stored in the executable file.
With reference to the technical solution provided by the second aspect, in some possible implementations, the storage unit is specifically configured to add a specified program header and the specified data segment in the executable file, where the specified program header is used to record an address of the specified data segment; and storing the data to be protected and the calling information to the specified data section.
In a third aspect, an embodiment of the present application further provides an electronic device, including: a memory and a processor, the memory and the processor connected; the memory is used for storing programs; the processor is configured to invoke a program stored in the memory to perform a method as provided in the foregoing first aspect embodiment and/or in combination with any possible implementation manner of the foregoing first aspect embodiment.
In a fourth aspect, embodiments of the present application further provide a computer-readable storage medium, on which a computer program is stored, where the computer program is executed by a computer to perform the method as described in the foregoing first aspect embodiment and/or in connection with any one of the possible implementations of the foregoing first aspect embodiment.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 is a schematic flowchart illustrating a data protection method according to an embodiment of the present application;
fig. 2 is a schematic flowchart illustrating another data protection method according to an embodiment of the present application;
fig. 3 is a block diagram illustrating a data protection apparatus according to an embodiment of the present application;
fig. 4 is a block diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, relational terms such as "first," "second," and the like may be used solely in the description herein to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Further, the term "and/or" in the present application is only one kind of association relationship describing the associated object, and means that three kinds of relationships may exist, for example, a and/or B may mean: a exists alone, A and B exist simultaneously, and B exists alone.
The technical solution of the present application will be described in detail below with reference to the accompanying drawings.
At present, a resource file used by an executable file is usually encrypted, and then the encrypted resource file is stored in a storage medium such as a disk, so as to achieve the purpose of protecting the resource file. When the resource file needs to be used, the encrypted resource file is read from the disk, and the encrypted resource file is decrypted by using a decryption algorithm to obtain the resource file. Or directly encrypting the whole disk, so that the files in the whole disk are stored in a ciphertext mode, and the purpose of protecting the resource files is achieved.
The applicant finds that, in the current protection method for the resource file, although the resource file is encrypted, the original file of the resource file can be obtained in the disk by analyzing the resource file used by the executable file and using a debug trace mode. For example, because the encrypted resource file is stored on a disk, the file name of the resource file is easy to obtain, and when the linux executable file is disassembled and tracked, the code position for accessing the resource file is easy to locate by comparing the character string information in the executable file with the resource file name.
Through the thinking of the applicant, the resource file can be stored in the executable file, that is, the resource file is not directly stored in the disk, so that the original resource file name cannot be obtained by analyzing the resource file used by the executable file in a debugging and tracking manner, and the resource file name can only be guessed manually through the character string information in the executable file, thereby the resource file is difficult to determine, and the purpose of improving the security of the resource file is achieved.
Moreover, when a plurality of resource files exist, because the plurality of resource files are all stored in the executable file, an analyst needs to analyze the number of resource files used by the executable file one by one, and the storage position and the size of each resource file, so that the difficulty of obtaining the address of the original resource file is further improved, and the safety of the resource file is improved.
Based on the above thought, the applicant designs a data protection method to prevent an analyst from finding an original file of data to be protected in a disk in a debugging and tracking manner, so as to improve the security of the data to be protected. Referring to fig. 1, fig. 1 is a schematic flow chart of a data protection method according to an embodiment of the present application, and steps included in the method will be described with reference to fig. 1.
S100: and acquiring data to be protected and calling information.
The calling information is used for indicating the executable file to acquire the data to be protected. It can be understood that each piece of calling information uniquely corresponds to one piece of data to be protected.
When the executable file receives the call instruction, the information which represents the data to be protected and corresponds to the call instruction is obtained according to the call information, and then the data to be protected is obtained. The information characterizing the data to be protected may be any kind of information, for example, the information characterizing the data to be protected may be a storage address of the data to be protected in the executable file, as long as the data to be protected can be obtained according to the information characterizing the data to be protected, and the specific steps are not limited herein.
Or, the call information may include a hooking function, where the hooking function hooks data to be protected, that is, when the hooking function runs, the data to be protected hooked by the hooking function is read. The hook function corresponds to the call instruction, and when the call instruction is received, the hook function corresponding to the call instruction is operated.
The data to be protected may be any kind of data and no limitation is made to the specific type of data to be protected herein.
For example, the data to be protected may be a resource file used by an executable file, such as data of a picture, a video, and the like, and may be specifically set according to an actual use requirement, which is not limited herein.
The data to be protected and the calling information can be obtained in advance and stored in a storage medium, and when the data to be protected needs to be protected, the data to be protected and the calling information are directly obtained from the storage medium; alternatively, the data to be protected and the call information may be acquired from a third party when necessary.
It can be understood that the data to be protected and the call information may be obtained in different manners, for example, the data to be protected may be obtained in advance and stored in the storage medium, and when the data to be protected needs to be protected, the data to be protected is directly obtained from the storage medium; the invocation information is obtained from a third party when needed. Or, the calling information may be obtained in advance and stored in the storage medium, and when the data to be protected needs to be protected, the calling information is directly obtained from the storage medium; the data to be protected is obtained from a third party when needed.
Here, the local means being stored in a storage medium of an electronic device that executes the data protection method.
S200: and storing the data to be protected and the calling information to a specified data section in the executable file, so that the data to be protected is stored in the executable file.
In one embodiment, the specific process of storing the data to be protected and the call information to the specified data segment in the executable file may be that, first, a specified program header and a specified data segment are newly added to the executable file, and the specified program header is used to record an address of the specified data segment; and then storing the data to be protected and the calling information to a specified data segment in the executable file. The address of the appointed data segment is recorded in the appointed program head, so that the data to be protected can be found through the address of the appointed data segment, and the data to be protected can be quickly found through the address of the appointed data segment when the data to be protected needs to be called.
It can be understood that the specified data segment and the specified program header in the executable file may also be pre-established, and accordingly, after the data to be protected and the call information are acquired, the specified program header and the specified data segment do not need to be newly added in the executable file, but the data to be protected and the call information are directly stored in the pre-established specified data segment.
In an embodiment, the data to be protected obtained in step S100 may be already encrypted, and at this time, when the data to be protected is obtained, a decryption algorithm corresponding to the data to be protected needs to be obtained. In another embodiment, the data to be protected obtained in step S100 may not be encrypted, and at this time, step S200 may be directly executed, that is, the data to be protected and the call information are stored in the designated data segment in the executable file; or, in step S200, after the data to be protected is obtained, the data to be protected is encrypted, and the encrypted data to be protected and the corresponding decryption algorithm are stored in the designated data segment in the executable file.
Any type of Encryption algorithm may be used, for example, an AES (Advanced Encryption Standard) Encryption algorithm and the like, which may be selected according to actual requirements, and here, no limitation is made on the specific type of the Encryption algorithm.
The encrypted data to be protected, the encrypted calling information and the encrypted decryption algorithm are stored in the designated data segment of the executable file in any sequence, and the sequence of storing the encrypted data to be protected, the encrypted calling information and the encrypted decryption algorithm in different designated data segments can be different or the same.
In order to improve the efficiency of subsequently searching the stored data to be protected, the calling information and the decryption algorithm, the data to be protected, the calling information and the decryption algorithm can be stored according to a fixed sequence. In one embodiment, the encrypted data to be protected, the encrypted calling information and the encrypted decryption algorithm are stored to the designated data segment in the executable file in sequence according to the sequence of the encrypted data to be protected, the encrypted calling information and the encrypted decryption algorithm.
In an embodiment, the data protection method may be applied to an executable file, and at this time, after the data to be protected, the call information, and the decryption algorithm are stored in a specified data segment in the executable file, if the executable file receives a call instruction, the call information corresponding to the call instruction is obtained, and the executable file calls the data to be protected according to the call information. Because the executable file does not directly acquire the data to be protected, but acquires the data to be protected according to the calling information, the original file of the data to be protected in the disk can be prevented from being found in a debugging and tracking mode, and the safety of the data to be protected is further improved.
It is understood that when the data to be protected is obtained from the local, the data to be protected may be deleted after the data to be protected is obtained and stored to the designated data segment in the executable file. The data to be protected is not stored locally any more, so that the original file of the data to be protected in the disk is prevented from being found in a debugging and tracking mode, and the safety of the data to be protected is further improved.
Optionally, after the data to be protected is obtained, the local data to be protected may be deleted.
The data protection method can be applied to not only executable files but also linux systems, and since linux systems usually include a plurality of executable files, before step S200 is executed, the executable files can be determined, and then the data to be protected and the calling information can be stored in the specified data segment in the determined executable files.
For a further understanding of the above data protection method, please refer to fig. 2. It should be noted that the principle shown in fig. 2 is one of many embodiments of the data protection method of the present application, and therefore, the manner shown in fig. 2 should not be construed as limiting the present application.
As shown in fig. 2, first, data to be protected and call information are acquired, then the data to be protected is encrypted, and then the encrypted data to be protected, the call information and a decryption algorithm are sequentially stored in a designated data segment in an executable file.
The specific implementation manner of each step of the data protection method shown in fig. 2 is already described clearly in the foregoing, and is not described herein again for brevity.
In order to facilitate understanding of the above data protection method, the data protection method is described below by taking an executable file as mine/face-games and data to be protected as resource files such as a mine/svg and an expanded/svg located in a user/face-mine folder as examples.
The method comprises the steps of firstly obtaining resource files mine. And then adding a specified program header and a specified data segment, recording the address of the specified data segment in the specified program header, taking the address as the file offset address of the data to be protected, and also recording the size of encrypted resource files mine. And then, sequentially storing the encrypted resource file, the decryption algorithm and the calling information into a specified data segment.
Referring to fig. 3, fig. 3 is a block diagram of a data protection apparatus 100 according to an embodiment of the present disclosure, which includes an obtaining unit 110 and a storing unit 120.
The obtaining unit 110 is configured to obtain data to be protected and calling information, where the calling information is used to instruct an executable file to call the data to be protected.
The storage unit 120 is configured to store the data to be protected and the call information to a specified data segment in the executable file, so that the data to be protected is stored in the executable file.
A storage unit 120, configured to add a specified program header and the specified data segment in the executable file, where the specified program header is used to record an address of the specified data segment; and storing the data to be protected and the calling information to the specified data section.
A storage unit 120, specifically configured to encrypt the data to be protected; and storing the encrypted data to be protected, the calling information and the decryption algorithm to the specified data section in the executable file.
The storage unit 120 is specifically configured to store the encrypted data to be protected, the calling information, and the decryption algorithm to the specified data segment in the executable file in sequence according to the sequence of the encrypted data to be protected, the calling information, and the decryption algorithm.
The data protection apparatus 100 further includes a processing unit, and the processing unit is configured to delete the local data to be protected.
The processing unit is also used for receiving a calling instruction and acquiring calling information corresponding to the calling instruction; and calling the data to be protected according to the calling information.
The data protection apparatus 100 according to the embodiment of the present application has the same implementation principle and technical effect as those of the foregoing data protection method embodiment, and for brevity, reference may be made to the corresponding contents in the foregoing data protection method embodiment where no part of the apparatus embodiment is mentioned.
Please refer to fig. 4, which is an electronic device 200 according to an embodiment of the present disclosure. The electronic device 200 includes: a transceiver 210, a memory 220, a communication bus 230, and a processor 240.
The elements of the transceiver 210, the memory 220, and the processor 240 are electrically connected to each other directly or indirectly to achieve data transmission or interaction. For example, the components may be electrically coupled to each other via one or more communication buses 230 or signal lines. The transceiver 210 is used for transceiving data. The memory 220 is used for storing a computer program such as the software functional module shown in fig. 3, that is, the data protection apparatus 100. The data protection apparatus 100 includes at least one software function module, which may be stored in the memory 220 in the form of software or firmware (firmware) or solidified in an Operating System (OS) of the electronic device 200. The processor 240 is configured to execute executable modules stored in the memory 220, such as software functional modules or computer programs included in the data protection apparatus 100. At this time, the processor 240 is configured to obtain data to be protected and call information, where the call information is used to instruct the executable file to call the data to be protected; and storing the data to be protected and the calling information to a specified data section in the executable file, so that the data to be protected is stored in the executable file.
The Memory 220 may be, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), an Erasable Read-Only Memory (EPROM), an electrically Erasable Read-Only Memory (EEPROM), and the like.
The processor 240 may be an integrated circuit chip having signal processing capabilities. The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components. The various methods, steps, and logic blocks disclosed in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor 240 may be any conventional processor or the like.
The electronic device 200 includes, but is not limited to, a personal computer, a server, and the like.
The present embodiment also provides a non-volatile computer-readable storage medium (hereinafter, referred to as a storage medium), where the storage medium stores a computer program, and the computer program is executed by the computer, such as the electronic device 200, to execute the data protection method described above. The computer-readable storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made to the present application by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Claims (10)

1. A method for protecting data, comprising:
acquiring data to be protected and calling information, wherein the calling information is used for indicating an executable file to call the data to be protected;
and storing the data to be protected and the calling information to a specified data section in the executable file, so that the data to be protected is stored in the executable file.
2. The method of claim 1, wherein storing the data to be protected and the call information to a specified data segment in the executable file comprises:
newly adding a specified program header and the specified data segment in the executable file, wherein the specified program header is used for recording the address of the specified data segment;
and storing the data to be protected and the calling information to the specified data section.
3. The method of claim 1, wherein the storing the data to be protected and the call information to a specified data segment in the executable file comprises:
encrypting the data to be protected;
and storing the encrypted data to be protected, the calling information and the decryption algorithm to the specified data section in the executable file.
4. The method according to claim 3, wherein the storing the encrypted data to be protected, the calling information and the decryption algorithm to the specified data segment in the executable file comprises:
and sequentially storing the encrypted data to be protected, the calling information and the decryption algorithm to the designated data section in the executable file according to the sequence of the encrypted data to be protected, the calling information and the decryption algorithm.
5. The method of claim 1, wherein after the obtaining the data to be protected, the method further comprises:
and deleting the local data to be protected.
6. The method according to any one of claims 1-5, when applied to the executable file, further comprising:
the executable file receives a calling instruction and acquires calling information corresponding to the calling instruction;
and the executable file calls the data to be protected according to the calling information.
7. A data protection device, comprising:
the device comprises an acquisition unit, a storage unit and a processing unit, wherein the acquisition unit is used for acquiring data to be protected and calling information, and the calling information is used for indicating an executable file to call the data to be protected;
and the storage unit is used for storing the data to be protected and the calling information to a specified data section in the executable file, so that the data to be protected is stored in the executable file.
8. The data protection device according to claim 7, wherein the storage unit is specifically configured to add a specified program header and the specified data segment in the executable file, where the specified program header is used to record an address of the specified data segment; and storing the data to be protected and the calling information to the specified data section.
9. An electronic device, comprising: a memory and a processor, the memory and the processor being connected;
the memory is used for storing programs;
the processor to invoke a program stored in the memory to perform the method of any of claims 1-6.
10. A computer-readable storage medium, having stored thereon a computer program which, when executed by a computer, performs the method of any one of claims 1-6.
CN202210806841.6A 2022-07-08 2022-07-08 Data protection method and device, electronic equipment and computer readable storage medium Pending CN115130126A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210806841.6A CN115130126A (en) 2022-07-08 2022-07-08 Data protection method and device, electronic equipment and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210806841.6A CN115130126A (en) 2022-07-08 2022-07-08 Data protection method and device, electronic equipment and computer readable storage medium

Publications (1)

Publication Number Publication Date
CN115130126A true CN115130126A (en) 2022-09-30

Family

ID=83382198

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210806841.6A Pending CN115130126A (en) 2022-07-08 2022-07-08 Data protection method and device, electronic equipment and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN115130126A (en)

Similar Documents

Publication Publication Date Title
US11645383B2 (en) Early runtime detection and prevention of ransomware
CN107480527B (en) Lesso software prevention method and system
US10387648B2 (en) Ransomware key extractor and recovery system
US11099889B2 (en) Method-call-chain tracking method, electronic device, and computer readable storage medium
US8578174B2 (en) Event log authentication using secure components
CN109117201B (en) Program exiting method and related equipment
US20140281499A1 (en) Method and system for enabling communications between unrelated applications
US10049113B2 (en) File scanning method and apparatus
CN112231702B (en) Application protection method, device, equipment and medium
CN110221990B (en) Data storage method and device, storage medium and computer equipment
US20220027471A1 (en) Advanced ransomware detection
US9785775B1 (en) Malware management
CN114925337B (en) Data labeling method and device and electronic equipment
CN106612283B (en) Method and device for identifying source of downloaded file
CN115130126A (en) Data protection method and device, electronic equipment and computer readable storage medium
JP6018344B2 (en) Dynamic reading code analysis apparatus, dynamic reading code analysis method, and dynamic reading code analysis program
CN110765456A (en) Method and device for detecting hidden process and storage equipment
US20180053016A1 (en) Visually configurable privacy enforcement
JP4607023B2 (en) Log collection system and log collection method
CN109472138B (en) Method, device and storage medium for detecting snort rule conflict
CN113228016A (en) Apparatus and method for luxo software decryption
CN111966972B (en) Program encryption method, device, electronic equipment and computer readable storage medium
CN112559825B (en) Service processing method, device, computing equipment and medium
CN114928551B (en) System configuration method, device and storage medium
CN116028932A (en) Lesovirus identification method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination