Some content of this application is unavailable at the moment.
If this situation persist, please contact us atFeedback&Contact
1. (WO2017094990) DEVICE AND METHOD FOR MONITORING MALICIOUS CODE ENCRYPTING USER FILES
Latest bibliographic data on file with the International Bureau

Pub. No.: WO/2017/094990 International Application No.: PCT/KR2016/006650
Publication Date: 08.06.2017 International Filing Date: 23.06.2016
IPC:
G06F 21/50 (2013.01) ,G06F 21/55 (2013.01) ,G06F 21/56 (2013.01) ,G06F 21/52 (2013.01)
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50
Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50
Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55
Detecting local intrusion or implementing counter-measures
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50
Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55
Detecting local intrusion or implementing counter-measures
56
Computer malware detection or handling, e.g. anti-virus arrangements
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50
Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
52
during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure
Applicants:
(주)이스트소프트 ESTSOFT CORP. [KR/KR]; 서울시 서초구 반포대로 3 (서초동, 이스트빌딩) (Seocho-dong, East Building) 3, Banpodaero Seocho-gu Seoul 06711, KR
주식회사 이스트시큐리티 ESTSECURITY CORP. [KR/KR]; KR
Inventors:
배상민 BAE, Sang Min; KR
김준섭 KIM, Jun Seob; KR
김건우 KIM, Geon Woo; KR
Agent:
정승훈 JUNG, Seung-hun; KR
Priority Data:
10-2015-016901730.11.2015KR
10-2016-002239725.02.2016KR
Title (EN) DEVICE AND METHOD FOR MONITORING MALICIOUS CODE ENCRYPTING USER FILES
(FR) DISPOSITIF ET PROCÉDÉ POUR SURVEILLER UN CODE MALVEILLANT CHIFFRANT DES FICHIERS D'UTILISATEUR
(KO) 사용자파일을 암호화하는 악성코드의 모니터링 장치 및 방법
Abstract:
(EN) A device for monitoring a malicious code according to the present invention comprises: a target file generation module for generating a target file for monitoring a malicious code on a storage device in which a user file is stored; a monitoring module for, if a request for write access is issued to the target file, confirming a thread which issued the request for write access; and a running program abort module for forcibly stopping the thread identified by the monitoring module.
(FR) La présente invention concerne un dispositif pour surveiller un code malveillant, comprenant : un module de génération de fichier cible pour générer un fichier cible pour surveiller un code malveillant sur un dispositif de stockage dans lequel un fichier d'utilisateur est stocké; un module de surveillance pour, si une requête d'accès d'écriture est fournie au fichier cible, confirmer un fil d'exécution qui a fourni la requête d'accès d'écriture; et un module d'abandon de programme d'exécution pour arrêter de force le fil d'exécution identifié par le module de surveillance.
(KO) 본 발명에 따른 악성코드 모니터링 장치는, 사용자파일이 저장된 저장장치에 악성코드의 감시를 위한 대상파일을 생성하는 대상파일 생성모듈; 상기 대상파일에 대하여 쓰기 접근 권한의 요청이 있는 경우 해당 요청을 보낸 스레드를 확인하는 모니터링모듈; 및 상기 모니터링모듈에 의해 확인된 상기 스레드를 강제 종료하는 실행프로그램 중단모듈;을 포함한다.
front page image
Designated States: AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JP, KE, KG, KN, KP, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Organization (AM, AZ, BY, KG, KZ, RU, TJ, TM)
European Patent Office (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG)
Publication Language: Korean (KO)
Filing Language: Korean (KO)