Ransomware detection method and device, equipment and storage medium
The invention discloses a ransomware detection method and device, equipment and a storage medium. The method comprises the steps of obtaining a first monitoring result whether a suspicious process exists or not; if it is determined that a suspicious process exists based on the first monitoring resul...
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Patent |
| Sprache: | chi ; eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | The invention discloses a ransomware detection method and device, equipment and a storage medium. The method comprises the steps of obtaining a first monitoring result whether a suspicious process exists or not; if it is determined that a suspicious process exists based on the first monitoring result, starting a ransomware detection process which is a detection process for performing ransomware detection based on dynamic behavior data in an execution process of the suspicious process; and executing a ransomware detection process to obtain a second monitoring result whether the ransomware exists or not. Thus, the ransomware detection process can be started only when it is determined that the suspicious process exists, so that resource consumption of ransomware detection is reduced as much as possible, the running performance of the electronic equipment is guaranteed, in addition, ransomware detection is conducted in the ransomware detection process based on the dynamic behavior data in the execution process of |
|---|