CN103714286A - Method and system for preventing malicious software installation in mobile terminal - Google Patents
Method and system for preventing malicious software installation in mobile terminal Download PDFInfo
- Publication number
- CN103714286A CN103714286A CN201310695038.0A CN201310695038A CN103714286A CN 103714286 A CN103714286 A CN 103714286A CN 201310695038 A CN201310695038 A CN 201310695038A CN 103714286 A CN103714286 A CN 103714286A
- Authority
- CN
- China
- Prior art keywords
- mobile terminal
- malice
- operation result
- mounting software
- software
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/565—Static detection by checking file integrity
Abstract
The invention provides a method and a system for preventing malicious software installation in a mobile terminal. According to the method, the system monitors a system directory where system files are stored during an operation system installation process, performs an encryption operation on the system files when the system files are stored under the system directory, and storing the operation result at a preset position; during the startup process of the mobile terminal, the system obtains the system files and performs the same encryption operation, and compares the operation result after the encryption operation with the operation result extracted from the preset position, if the two operation results are the same, then no malicious software installation in the mobile terminal is determined; or else, then malicious software installation in the mobile terminal is determined. Thus users buying the mobile terminal can know whether the mobile terminal is already tampered by the manufacturer only by virtue of a startup interface; when an operation system needs to be updated, a cloud backstage service end re-performs an encryption operation on the system, and a verification module is updated together.
Description
Technical field
The present invention relates to a kind of tamper-resistance techniques, particularly relate to a kind of method and system that prevent malice mounting software in mobile terminal.
Background technology
The arrival of large data age, human society will the intelligentized society of entry altitude, smart mobile phone role in life just just starts, mobile phone is more and more got involved the every aspect of our life, yet information security issue is also more outstanding, in Mobile Industry, formed huge grey interests chain, in mobile phone, implant the magic weapon that various grey interests software Cheng Liao each side seeks profit, various grey application are preloaded onto in mobile phone, user can't delete, for this situation, need to design for the malicious operation of businessman a kind of tamper-resistance techniques, to guarantee that mobile phone shipment is pure quiet security system in user's hand.
Summary of the invention
The shortcoming of prior art in view of the above, the object of the present invention is to provide a kind of method and system that prevent in mobile terminal malice mounting software, whether for solving prior art, buy in this mobile phone of user's None-identified of mobile phone the problem of Yi Bei businessman malice mounting software.
For achieving the above object and other relevant objects, the invention provides a kind of method that prevents malice mounting software in mobile terminal, comprise: the system directory that supervisory system file is stored in installing operating system process, and when described system file is kept under described system directory, described system file is encrypted to computing, and operation result is kept to predeterminated position; In described mobile terminal-opening process, obtain described system file and carry out same cryptographic calculation, the operation result that operation result after cryptographic calculation and described predeterminated position are extracted is compared, if consistent, confirm that described mobile terminal is not by malice mounting software, if inconsistent, confirm described mobile terminal by malice installation software.
Based on above-mentioned purpose, the present invention also provides a kind of system that prevents malice mounting software in mobile terminal, comprise: encrypt memory module, for the system directory of storing at installing operating system process supervisory system file, and when described system file is kept under described system directory, described system file is encrypted to computing, and operation result is kept to predeterminated position; Confirm module, be used in described mobile terminal-opening process, obtain described system file and carry out same cryptographic calculation, the operation result that operation result after cryptographic calculation and described predeterminated position are extracted is compared, if consistent, confirm that described mobile terminal is not by malice mounting software, if inconsistent, confirm described mobile terminal by malice installation software.
As mentioned above, the method and system that prevent malice mounting software in mobile terminal of the present invention, there is following beneficial effect: due to when the installing operating system, the most original system file is encrypted to computing, and in when start by encrypting, relatively coming to determine whether the system file under system directory changes, for buying user, as long as just can know by starting-up interface whether " trick " moved to this mobile terminal by Yi Bei businessman.
Accompanying drawing explanation
Fig. 1 is shown as the process flow diagram that prevents the method for malice mounting software in mobile terminal of the present invention.
Fig. 2 is shown as the structural representation that prevents the system of malice mounting software in mobile terminal of the present invention.
Embodiment
Below, by specific instantiation explanation embodiments of the present invention, those skilled in the art can understand other advantages of the present invention and effect easily by the disclosed content of this instructions.The present invention can also be implemented or be applied by other different embodiment, and the every details in this instructions also can be based on different viewpoints and application, carries out various modifications or change not deviating under spirit of the present invention.It should be noted that, in the situation that not conflicting, the feature in following examples and embodiment can combine mutually.
Refer to Fig. 1, the invention provides a kind of method that prevents malice mounting software in mobile terminal.Described mobile terminal comprises any mobile terminal that utilizes operating system to carry out operating software, and it includes but not limited to: mobile phone, panel computer etc.Described prevention method is mainly carried out by the system that is arranged on described mobile terminal.
In step S1, the described system system directory that supervisory system file is stored in installing operating system process, and when described system file is kept under described system directory, described system file is encrypted to computing, and operation result is kept to predeterminated position.
In the present embodiment, technician is before described mobile terminal dispatches from the factory, while utilizing outside brush machine equipment to described mobile terminal installing operating system, described system is first burned onto described mobile terminal by the image file that comprises operating system, and according to operating system described in the model Matching installation of described mobile terminal, meanwhile, when described operating system is installed, also installed for described mobile terminal system file being encrypted to the program of computing.
The erection schedule of described system monitoring operating system, after monitoring described operating system each system file be all kept under predetermined system catalogue, described system is encrypted computing by all system files under described system directory, obtained an operation result, and resulting operation result has been kept in default directory address.Wherein, described system file refers to deposit operation system master file.
Described system in monitor operating system installation process, go back installation kit containing when start transfer obtain system file, obtained system file be encrypted to the algorithm of computing and the program that the operation result that the operation result after cryptographic calculation and described predeterminated position extract is compared.
Wherein, the optimal algorithm selection of described cryptographic calculation is MD5 algorithm.Especially, described MD5 algorithm adopts circulation MD5 summation algorithm.
In step S2, in described mobile terminal-opening process, system file carry out same cryptographic calculation described in described system acquisition, the operation result that operation result after cryptographic calculation and described predeterminated position are extracted is compared, if consistent, confirm that described mobile terminal is not by malice mounting software, if inconsistent, confirm described mobile terminal by malice installation software.
Particularly, when described mobile terminal powers on start, start on the one hand the operating system in described mobile terminal, also start described system simultaneously and obtain described system file, and utilize the cryptographic calculation described in step S1 to be encrypted obtained system file, and the operation result that calculated operation result and described predeterminated position extract is compared.If consistent, illustrate at described mobile terminal from dispatching from the factory to malice mounting software not during this start, if inconsistent, confirm described mobile terminal by the installation of malice software.
Preferably, confirm described mobile terminal by the installation of malice during software, described system points out described in user mobile terminal by malice mounting software in the start-up picture of described mobile terminal.
For example, described system is encrypted computing to all system files in described system directory in start process, and the operation result of gained and the operation result obtaining from predeterminated position are compared, if consistent, exit, continue normal start process, if inconsistent, in starting-up interface, show the printed words of " system is tampered ", and continue start.So, user, when buying new cell-phone, can learn whether Yi Bei businessman is written into application software maliciously to mobile phone.
As shown in Figure 2, the present invention also provides a kind of system that prevents malice mounting software in mobile terminal.Described system 1 comprises: encrypt memory module 11, confirm module 12.
The system directory of described encryption memory module 11 for storing at installing operating system process supervisory system file, and when described system file is kept under described system directory, described system file is encrypted to computing, and operation result is kept to predeterminated position.
In the present embodiment, technician is before described mobile terminal dispatches from the factory, while utilizing outside brush machine equipment to contain the mirror back-up of operating system to described mobile terminal installation kit, in described mirror back-up, comprise described encryption memory module 11, described encryption memory module 11 starts in described operating system installation process, and the erection schedule of monitor operating system, after monitoring described operating system each system file be all kept under predetermined system catalogue, described system 1 is encrypted computing by all system files under described system directory, obtained an operation result, and resulting operation result is kept in default directory address.Wherein, described system file refers to deposit operation system master file.Wherein, the optimal algorithm selection of described cryptographic calculation is MD5 algorithm.Especially, described MD5 algorithm adopts circulation MD5 summation algorithm.
Preferably, in described system 1, also comprise: installation module (not giving diagram).
Described installation module is for according to the model Matching installation operating system of described mobile terminal, and installation kit transfer during containing start obtain system file, obtained system file be encrypted to the algorithm of computing and the program that the operation result that the operation result after cryptographic calculation and described predeterminated position extract is compared.
Particularly, described brush machine equipment by the burning program of the image file that comprises operating system and the described system of operation to described mobile terminal, and when being installed, described operating system starts the program of the described system of operation, described installation module is according to operating system described in the model Matching installation of described mobile terminal, and installation kit transfer during containing start obtain system file, obtained system file be encrypted to the algorithm of computing and the program that the operation result that the operation result after cryptographic calculation and described predeterminated position extract is compared.
When described mobile terminal is again started shooting in sale or use procedure, described confirmation module 12 is obtained described system file and is carried out same cryptographic calculation, the operation result that operation result after cryptographic calculation and described predeterminated position are extracted is compared, if consistent, confirm that described mobile terminal is not by malice mounting software, if inconsistent, confirm described mobile terminal by malice installation software.
Particularly, when described mobile terminal powers on start, start on the one hand the operating system in described mobile terminal, also start described confirmation module 12 simultaneously and obtain described system file, and the cryptographic calculation in utilization and described encryption memory module 11 is encrypted obtained system file, and the operation result that calculated operation result and described predeterminated position extract is compared.If consistent, illustrate at described mobile terminal from dispatching from the factory to malice mounting software not during this start, if inconsistent, confirm described mobile terminal by the installation of malice software.
Preferably, confirm described mobile terminal by the installation of malice during software, described confirmation module 12 points out described in user mobile terminal by malice mounting software in the start-up picture of described mobile terminal.
For example, described confirmation module 12 is encrypted computing to all system files in described system directory in start process, and the operation result of gained and the operation result obtaining from predeterminated position are compared, if consistent, exit, continue normal start process, if inconsistent, in starting-up interface, show the printed words of " system 1 has been tampered ", and continue start.So, user, when buying new cell-phone, can learn whether Yi Bei businessman is written into application software maliciously to mobile phone.
In sum, the method and system that prevent malice mounting software in mobile terminal of the present invention, the application software of malice, before selling mobile terminal, is installed by the special businessman for malice, and user's None-identified.Therefore, when installing operating system, the most original system file is encrypted to computing, and in when start by encrypting, relatively coming to determine whether the system file under system directory changes, for buying user, as long as just can know by starting-up interface whether " trick " moved to this mobile terminal by Yi Bei businessman.So the present invention has effectively overcome various shortcoming of the prior art and tool high industrial utilization.
Above-described embodiment is illustrative principle of the present invention and effect thereof only, but not for limiting the present invention.Any person skilled in the art scholar all can, under spirit of the present invention and category, modify or change above-described embodiment.Therefore, such as in affiliated technical field, have and conventionally know that the knowledgeable, not departing from all equivalence modifications that complete under disclosed spirit and technological thought or changing, must be contained by claim of the present invention.
Claims (11)
1. a method that prevents malice mounting software in mobile terminal, is characterized in that, comprising:
The system directory that supervisory system file is stored in installing operating system process, and when described system file is kept under described system directory, described system file is encrypted to computing, and operation result is kept to predeterminated position;
In described mobile terminal-opening process, obtain described system file and carry out same cryptographic calculation, the operation result that operation result after cryptographic calculation and described predeterminated position are extracted is compared, if consistent, confirm that described mobile terminal is not by malice mounting software, if inconsistent, confirm described mobile terminal by malice installation software.
When operating system update, cloud server re-starts cryptographic calculation to system file, and certifying signature and AKU together push to mobile terminal.
2. the method that prevents in mobile terminal malice mounting software according to claim 1, it is characterized in that, confirm described mobile terminal by the installation of malice during software, described method also comprises: in the start-up picture of described mobile terminal, point out described in user mobile terminal by malice mounting software.
3. the method that prevents malice mounting software in mobile terminal according to claim 1, is characterized in that, before execution is encrypted the step of computing by described system file, described method also comprises:
According to the model Matching installation operating system of described mobile terminal, and installation kit containing when start transfer obtain system file, obtained system file be encrypted to the algorithm of computing and the program that the operation result that the operation result after cryptographic calculation and described predeterminated position extract is compared.
4. the method that prevents malice mounting software in mobile terminal according to claim 1, is characterized in that, the algorithm of described cryptographic calculation is MD5 algorithm.
5. the method that prevents malice mounting software in mobile terminal according to claim 4, is characterized in that, the algorithm of described cryptographic calculation is circulation MD5 summation algorithm.
6. a system that prevents malice mounting software in mobile terminal, is characterized in that, comprising:
Encrypt memory module, for the system directory of storing at installing operating system process supervisory system file, and when described system file is kept under described system directory, described system file is encrypted to computing, and operation result is kept to predeterminated position;
Confirm module, be used in described mobile terminal-opening process, obtain described system file and carry out same cryptographic calculation, the operation result that operation result after cryptographic calculation and described predeterminated position are extracted is compared, if consistent, confirm that described mobile terminal is not by malice mounting software, if inconsistent, confirm described mobile terminal by malice installation software.
7. the system that prevents in mobile terminal malice mounting software according to claim 6, is characterized in that, described system also comprises: in the start-up picture of described mobile terminal, point out described in user mobile terminal by malice mounting software.
8. the system that prevents malice mounting software in mobile terminal according to claim 6, is characterized in that, described system also comprises:
Installation module, for according to the model Matching installation operating system of described mobile terminal, and installation kit transfer during containing start obtain system file, obtained system file be encrypted to the algorithm of computing and the program that the operation result that the operation result after cryptographic calculation and described predeterminated position extract is compared.
9. the system that prevents malice mounting software in mobile terminal according to claim 6, is characterized in that, the algorithm of described cryptographic calculation is MD5 algorithm.
10. the system that prevents malice mounting software in mobile terminal according to claim 9, is characterized in that, the algorithm of described cryptographic calculation is circulation MD5 summation algorithm.
11. systems that prevent malice mounting software in mobile terminal according to claim 1, is characterized in that, during system software update, server background is synchronously together pushed to updating mobile terminal with new MD5 system signature and renewal bag.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310695038.0A CN103714286A (en) | 2013-12-17 | 2013-12-17 | Method and system for preventing malicious software installation in mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310695038.0A CN103714286A (en) | 2013-12-17 | 2013-12-17 | Method and system for preventing malicious software installation in mobile terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103714286A true CN103714286A (en) | 2014-04-09 |
Family
ID=50407248
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310695038.0A Pending CN103714286A (en) | 2013-12-17 | 2013-12-17 | Method and system for preventing malicious software installation in mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103714286A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105827413A (en) * | 2016-03-15 | 2016-08-03 | 乐视移动智能信息技术(北京)有限公司 | Electronic terminal, and system safety verification device and method thereof |
| CN108270916A (en) * | 2017-12-01 | 2018-07-10 | 南京嘉谷初成通信科技有限公司 | A kind of encryption method of smart mobile phone |
| CN109388728A (en) * | 2017-08-02 | 2019-02-26 | 南京南瑞继保电气有限公司 | A kind of power equipment method for quickly retrieving |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102024114A (en) * | 2011-01-14 | 2011-04-20 | 上海交通大学 | Malicious code prevention method based on unified extensible fixed interface |
| CN102111753A (en) * | 2010-12-07 | 2011-06-29 | 深圳市闪电通讯技术有限公司 | Mobile phone software encryption method |
-
2013
- 2013-12-17 CN CN201310695038.0A patent/CN103714286A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102111753A (en) * | 2010-12-07 | 2011-06-29 | 深圳市闪电通讯技术有限公司 | Mobile phone software encryption method |
| CN102024114A (en) * | 2011-01-14 | 2011-04-20 | 上海交通大学 | Malicious code prevention method based on unified extensible fixed interface |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105827413A (en) * | 2016-03-15 | 2016-08-03 | 乐视移动智能信息技术(北京)有限公司 | Electronic terminal, and system safety verification device and method thereof |
| CN109388728A (en) * | 2017-08-02 | 2019-02-26 | 南京南瑞继保电气有限公司 | A kind of power equipment method for quickly retrieving |
| CN108270916A (en) * | 2017-12-01 | 2018-07-10 | 南京嘉谷初成通信科技有限公司 | A kind of encryption method of smart mobile phone |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108377272B (en) | Method and system for managing terminal of Internet of things | |
| US10257193B2 (en) | Local verification of code authentication | |
| CN105993018B (en) | Content item encryption in mobile device | |
| CN111340482B (en) | Conflict detection method, device, node equipment and storage medium | |
| CN109657448B (en) | Method and device for acquiring Root authority, electronic equipment and storage medium | |
| CN111082926B (en) | Key synchronization method and system | |
| CN108289129B (en) | Block chain ecological environment creating method and system and computer readable storage medium | |
| CN111339181B (en) | Block storage method, block storage device, node equipment and storage medium | |
| CN111008034B (en) | Patch generation method and device | |
| CN103544434A (en) | Method and terminal used for ensuring safe operation of application program | |
| CN105577644A (en) | Encryption and authentication method and system | |
| CN105095767A (en) | System and method for secure startup checked based on file data block | |
| CN107918564B (en) | Data transmission exception handling method and device, electronic equipment and storage medium | |
| CN103714286A (en) | Method and system for preventing malicious software installation in mobile terminal | |
| CN110276193B (en) | Risk feature output method, application operation control method, system and device | |
| CN106326777A (en) | System mirror image document signature method and system, client and server | |
| CN102148831B (en) | Method and system for safely controlling terminal application | |
| CN110011807B (en) | Key information maintenance method and system | |
| CN111400771A (en) | Target partition checking method and device, storage medium and computer equipment | |
| CN109710609A (en) | Generate the method and device of tables of data mark | |
| US20220114276A1 (en) | Controlling a data network with respect to a use of a distributed database | |
| CN111353150B (en) | Trusted boot method, trusted boot device, electronic equipment and readable storage medium | |
| CN104158812A (en) | Method and system of safety control of terminal application | |
| CN114398678A (en) | Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium | |
| CN116032519B (en) | Data processing method, apparatus and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140409 |
|
| RJ01 | Rejection of invention patent application after publication |