Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

A process behavior monitoring device and method free of superuser privilege

A technology of super user authority and monitoring device, applied in hardware monitoring, instrumentation, error detection/correction, etc., can solve problems such as inability to monitor native layer operations, detection of malware, etc., to achieve efficient and stable monitoring, concealment of monitoring systems, The effect of monitoring a large range

Active Publication Date: 2020-09-15
XI AN JIAOTONG UNIV
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] At present, most monitoring systems are based on the Framework layer, which cannot monitor the operations of the Native layer, and is easily detected by malware.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A process behavior monitoring device and method free of superuser privilege
  • A process behavior monitoring device and method free of superuser privilege
  • A process behavior monitoring device and method free of superuser privilege

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0092] The implementation of the present invention will be described in detail below in conjunction with the drawings and examples.

[0093] refer to figure 1 , the present invention is a process behavior monitoring method exempt from superuser authority, and the flow process is as follows:

[0094] activate the monitoring device;

[0095] Specify the target of monitoring;

[0096] Action goals, trigger behaviors;

[0097] The monitoring device collects and records the process behavior information of the target, and generates a monitoring log;

[0098] Close the monitoring device and output the monitoring log.

[0099] The process behavior monitoring device exempt from super-user authority of the present invention, the detailed introduction of each unit of it is as follows:

[0100] 1. Interactive unit

[0101] Write an interactive tool, which can interact with the monitoring device when the system is running, and dynamically modify the monitoring target. Process such a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention designs a process behavior monitoring device and a process behavior monitoring method without superuser privilege, which is used for solving the problem of process behavior monitoring ofthe kernel layer in the prior art. The method comprises the following steps of: modifying a system configuration file so that the monitoring device can normally operate without superuser authority; Starting a monitoring device, designating a monitoring target, operating the target, and triggering the behavior; The monitoring device collects the process behavior information of the monitoring target and generates a monitoring log. Compared with the prior art, the invention has the advantages that: 1) the monitoring range is larger than the traditional monitoring system; 2) the monitoring systemis more concealed; 3) the monitoring is more efficient and stable.

Description

technical field [0001] The invention belongs to the technical field of Android kernel monitoring, and in particular relates to a process behavior monitoring device and method free from superuser authority. Background technique [0002] In recent years, the Android market has accounted for 89%, and it is the operating system with the largest number of mobile phone users. But at the same time, the number of malware on the Android system has exploded. According to statistics from Tencent Mobile Security, the number of newly generated viruses in 2017 reached 4,650,604, an increase of nearly 33 times compared to 2014. [0003] Traditional attack methods against the Android platform include fraudulent text messages, phishing links, and rogue software. Traditional malware detection is mainly divided into static analysis and dynamic analysis. Static analysis mainly analyzes the static characteristics of the App and detects it before the App starts. Dynamic analysis mainly analyz...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/30
CPCG06F11/3051
Inventor 陶敬王平辉韩婷李佳璇王铮郑宁栾庆鑫白云鹏孙立远柳哲林杰
Owner XI AN JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com