CN105117661B - File protection method and device - Google Patents
File protection method and device Download PDFInfo
- Publication number
- CN105117661B CN105117661B CN201510472634.1A CN201510472634A CN105117661B CN 105117661 B CN105117661 B CN 105117661B CN 201510472634 A CN201510472634 A CN 201510472634A CN 105117661 B CN105117661 B CN 105117661B
- Authority
- CN
- China
- Prior art keywords
- file
- characteristic value
- modification
- file destination
- code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6281—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database at program execution time, where the protection is within the operating system
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
- Document Processing Apparatus (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The embodiment of the invention discloses a file protection method and a device, wherein the method comprises the following steps: when a processing instruction for the characteristic value in the target file is detected, calling the code of the target modification file for modifying the target file to modify the encoding mode of the characteristic value in the target file or to modify the position of the code of the characteristic value in the target file in the code of the target file, wherein the characteristic value in the target file is used for uniquely identifying the target file, and the target modification file is a file for processing the characteristic value in the target file; and generating a target file according to the modified codes. By implementing the embodiment of the invention, the processing efficiency of the characteristic value in the file can be improved.
Description
Technical field
The present invention relates to field of computer technology, and in particular to a kind of document protection method and device.
Background technology
With the continuous development of computer technology, the file of required storage is more and more, and therefore, the protection to file becomes
One urgent problem to be solved.Wherein, file includes the characteristic value for unique mark file, when characteristic value is obtained by third party
Afterwards, third party can destroy file or modification file function by characteristic value, therefore, in order to ensure the security of file needs pair
Characteristic value is handled.Since after characteristic value is obtained by third party, third party can destroy file or modification by characteristic value
File function, therefore, when research staff has found that file is destroyed or file function is changed, in order to ensure the security of file
Need to handle characteristic value again.At present, need research staff's manual unlocking literary when handling characteristic value in file
Part code, and document code is manually changed to realize, due to needing user to carry out multi-pass operation, reduce file
The treatment effeciency of middle characteristic value.
The content of the invention
The embodiment of the invention discloses a kind of document protection method and device, the processing for improving characteristic value in file is imitated
Rate.
First aspect of the embodiment of the present invention discloses a kind of document protection method, including:
When detecting for the process instruction of characteristic value in file destination, target described in invocation target modification file modification
The code of file, to change the coding mode of the characteristic value, or to change the code of the characteristic value in the file destination
Code in present position, the characteristic value is used for file destination described in unique mark, and the target modification file is to be used to locate
Manage the file of the characteristic value;
According to the amended code building file destination.
With reference to the embodiment of the present invention in a first aspect, first aspect of the embodiment of the present invention the first possible implementation
In, after detecting for the process instruction of characteristic value in file destination, the method further includes:
Judge whether the target modification file for handling the characteristic value;
If the target modification file is not present, the target modification file is generated, and performs invocation target modification text
Part changes the step of code of the file destination.
With reference to the embodiment of the present invention in a first aspect, first aspect of the embodiment of the present invention second of possible implementation
In, the file destination includes data segment, and the data segment includes the characteristic value;
The code of file destination includes described in the invocation target modification file modification:
The code of characteristic value present position in the code of the data segment described in invocation target modification file modification, to repair
Change the code of the characteristic value present position in the code of the file destination.
With reference to the embodiment of the present invention in a first aspect, first aspect of the embodiment of the present invention the third possible implementation
In, the file destination includes flag, and the flag is used for the coding mode for identifying the characteristic value;
The code of file destination includes described in the invocation target modification file modification:
The value of flag described in invocation target modification file modification, to change the coding mode of the characteristic value.
With reference to the third possible implementation of first aspect of the embodiment of the present invention, in first aspect of the embodiment of the present invention
The 4th kind of possible implementation in, the file destination includes data segment, and the flag is the mark of the data segment
Position;
The value of flag includes described in the invocation target modification file modification:
The value of flag bit described in invocation target modification file modification.
Second aspect of the embodiment of the present invention discloses a kind of file protection device, including:
Unit is changed, for when detecting for the process instruction of characteristic value in file destination, invocation target modification to be literary
Part changes the code of the file destination, to change the coding mode of the characteristic value, or to change the code of the characteristic value
The present position in the code of the file destination, the characteristic value are used for file destination described in unique mark, and the target is repaiied
It is the file for handling the characteristic value to change file;
First generation unit, for according to the modification amended code building file destination of unit.
With reference to second aspect of the embodiment of the present invention, in the first possible implementation of second aspect of the embodiment of the present invention
In, described device further includes:
Judging unit, for judging whether the target modification file for handling the characteristic value;
Second generation unit, for when the judging result of the judging unit is no, generating the target modification file,
And trigger the step of modification unit performs the code of file destination described in invocation target modification file modification.
With reference to second aspect of the embodiment of the present invention, in second of possible implementation of second aspect of the embodiment of the present invention
In, the file destination includes data segment, and the data segment includes the characteristic value;
The modification unit, the code of characteristic value described in file modification is changed in the data segment specifically for invocation target
Code in present position, to change the code of characteristic value present position in the code of the file destination.
With reference to second aspect of the embodiment of the present invention, in the third possible implementation of second aspect of the embodiment of the present invention
In, the file destination includes flag, and the flag is used for the coding mode for identifying the characteristic value;
The modification unit, specifically for the value of flag described in invocation target modification file modification, to change the spy
The coding mode of value indicative.
With reference to the third possible implementation of second aspect of the embodiment of the present invention, in second aspect of the embodiment of the present invention
The 4th kind of possible implementation in, the file destination includes data segment, and the flag is the mark of the data segment
Position;
The mode of the value of flag is specially described in the modification cell call target modification file modification:
The value of flag bit described in invocation target modification file modification.
In the embodiment of the present invention, when detecting for the process instruction of characteristic value in file destination, invocation target modification
The code of file modification file destination, to change the coding mode of characteristic value, or to change the code of characteristic value in file destination
Code in present position, afterwards according to amended code building file destination, due to when detecting in file destination
During the process instruction of characteristic value, automatic calling is changed to the code of file modification file destination, to change the coding of characteristic value
Mode, or modification characteristic value code in the code of file destination present position, it is thus possible to improve characteristic value in file
Treatment effeciency.
Brief description of the drawings
To describe the technical solutions in the embodiments of the present invention more clearly, below will be to needed in the embodiment
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for ability
For the those of ordinary skill of domain, without creative efforts, it can also be obtained according to these attached drawings other attached
Figure.
Fig. 1 is a kind of flow chart of document protection method disclosed by the embodiments of the present invention;
Fig. 2 is the flow chart of another document protection method disclosed by the embodiments of the present invention;
Fig. 3 is a kind of structure chart of file protection device disclosed by the embodiments of the present invention;
Fig. 4 is the structure chart of another file protection device disclosed by the embodiments of the present invention;
Fig. 5 is the structure chart of another file protection device disclosed by the embodiments of the present invention.
Embodiment
Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete
Site preparation describes, it is clear that described embodiment is part of the embodiment of the present invention, instead of all the embodiments.Based on this hair
Embodiment in bright, the every other implementation that those of ordinary skill in the art are obtained without making creative work
Example, belongs to the scope of protection of the invention.
The embodiment of the invention discloses a kind of document protection method and device, the processing for improving characteristic value in file is imitated
Rate.It is described in detail individually below.
Referring to Fig. 1, Fig. 1 is a kind of flow chart of document protection method disclosed by the embodiments of the present invention.As shown in Figure 1,
This document guard method may comprise steps of.
S101, when detecting for the process instruction of characteristic value in file destination, invocation target modification file modification mesh
The code of file is marked, to change the coding mode of characteristic value in file destination, or to change the code of characteristic value in file destination
The present position in the code of file destination, characteristic value is used for unique mark file destination, target modification file in file destination
It is the file for handling characteristic value in file destination.
In the present embodiment, file destination includes data segment, and data segment refers to be used to store in program inside file destination
One piece of region of memory of the global variable of initialization, data segment include characteristic value, and characteristic value is used for unique mark file destination.When
When research staff has found that file destination is destroyed or file destination function is changed, research staff can be defeated by modes such as keyboards
Enter to be directed to the process instruction of characteristic value in file destination, ought detect the process instruction for characteristic value in file destination afterwards
When, by the code of invocation target modification file modification file destination, to change the coding mode of characteristic value in file destination, or with
The code of characteristic value present position in the code of file destination in modification file destination.
S102, according to amended code building file destination.
, will be according to amended target after the code of invocation target modification file modification file destination in the present embodiment
The code of file regenerates file destination, and the coding mode of characteristic value in the file destination of generation, or the code of characteristic value exist
Present position has changed in the code of file destination.Therefore, when third party uses file destination by the decoding before modification
Mode obtains characteristic value in file destination, or third party from the code of amended file destination file destination by before modification
When characteristic value present position obtains characteristic value in file destination, third party will be unable to get correct characteristic value, so as to
Ensure the security of file.Wherein, target modification file is the file for handling characteristic value in file destination.
In the described document protection methods of Fig. 1, when detecting for the process instruction of characteristic value in file destination,
Invocation target changes the code of file modification file destination, to change the coding mode of characteristic value, or to change the generation of characteristic value
Code present position in the code of file destination, afterwards according to amended code building file destination, pin is detected due to working as
To during the process instruction of characteristic value, automatic calling to be changed to the code of file modification file destination, to change in file destination
The coding mode of characteristic value, or modification characteristic value code in the code of file destination present position, it is thus possible to improve literary
The treatment effeciency of characteristic value in part.
Referring to Fig. 2, Fig. 2 is the flow chart of another document protection method disclosed by the embodiments of the present invention.Such as Fig. 2 institutes
Show, this document guard method may comprise steps of.
S201, when detecting for the process instruction of characteristic value in file destination, judge whether to be used to handle mesh
The target modification file of characteristic value in file is marked, characteristic value is used for unique mark file destination in file destination.
In the present embodiment, file destination includes data segment, and data segment refers to be used to store in program inside file destination
One piece of region of memory of the global variable of initialization, data segment include characteristic value, and characteristic value is used for unique mark file destination.When
When research staff has found that file destination is destroyed or file destination function is changed, research staff can be defeated by modes such as keyboards
Enter to be directed to the process instruction of characteristic value in file destination.Due to can not directly change the code of file destination to change file destination
The coding mode of middle characteristic value, or to change the code of characteristic value in file destination present position in the code of file destination,
And need to modify by target modification file, therefore, when detect for characteristic value in file destination process instruction it
Afterwards, the target modification file for handling characteristic value in file destination is first judged whether.
If S202, be not present target modification file, target modification file is generated.
In the present embodiment, when there is no the mesh that during target modification file, generation is used to handle characteristic value in file destination
Mark modification file;Correspondingly, when there are during target modification file, step S203 will be performed.
The code of S203, invocation target modification file modification file destination, to change the coding of characteristic value in file destination
Mode, or to change the code of characteristic value in file destination present position in the code of file destination.
As a kind of possible embodiment, file destination includes data segment, and data segment includes characteristic value;
The mode of code of invocation target modification file modification file destination is specially:
The code of characteristic value present position in the code of data segment in invocation target modification file modification file destination, with
The code of characteristic value present position in the code of file destination in modification file destination.
In the present embodiment, when generation target modification file or judge there are after target modification file, by invocation target
The code of characteristic value present position in the code of data segment in modification file modification file destination, it is special in file destination to change
The code of value indicative present position in the code of file destination.Therefore, when third party is from the code of amended file destination
When file destination obtains characteristic value in file destination by characteristic value present position before modification, third party will be unable to get correct
Characteristic value, thereby may be ensured that the security of file.
For example, illustrated so that exclusive or is handled as an example, it is as follows:
Header file, i.e. data segment, defined in there are the character that characteristic value is stored inside FILE_CHARACTERISTIC
String, is then packaged into a CONFIG again, and addition HEAD is as byte of padding inside CONFIG.Every time to characteristic value in file into
During row processing, PADDING_SIZE can be adjusted to change offset of the characteristic value in data segment, then preserved again, due to
Characteristic value changes in the position of data segment, and therefore, the value of exclusive or changes in the file destination of generation, so as to reality
Now to the processing of characteristic value in file destination.
As a kind of possible embodiment, file destination includes flag, which is used to identify in file destination
The coding mode of characteristic value;
The mode of code of invocation target modification file modification file destination is specially:
The value of the invocation target modification file modification flag, to change the coding mode of characteristic value in file destination.
As a kind of possible embodiment, file destination includes data segment, which is the flag bit of data segment;
The mode of the value of the invocation target modification file modification flag is specially:
Invocation target changes the value of file modification flag bit.
In the present embodiment, file destination can include flag, which is used to identify characteristic value in file destination
Coding mode, the flag can be the flag bits of data segment, may not be the flag bit of data segment, and the present embodiment does not limit
It is fixed.When generation target modification file or judge, there are after target modification file, invocation target to be changed file modification target
The value of flag in file, to change the coding mode of characteristic value in file destination.When the flag is the flag bit of data segment
When, the value that file modification flag bit can be changed with invocation target changes the coding mode of characteristic value in file destination.
For example, when the value of flag is 1, base64 can be used to encode to characteristic value in file destination
Reason, when the value of flag is 2, can be handled characteristic value in file destination using exclusive or algorithm.
S204, according to amended code building file destination.
, will be according to amended target after the code of invocation target modification file modification file destination in the present embodiment
The code of file regenerates file destination, and the coding mode of characteristic value in the file destination of generation, or the code of characteristic value exist
Present position has changed in the code of file destination.Therefore, when third party uses file destination by the decoding before modification
Mode obtains characteristic value in file destination, or third party from the code of amended file destination file destination by before modification
When characteristic value present position obtains characteristic value in file destination, third party will be unable to get correct characteristic value, so as to
Ensure the security of file.Wherein, target modification file is the file for handling characteristic value in file destination.
In the described document protection methods of Fig. 2, when detecting for the process instruction of characteristic value in file destination,
Judge whether the target modification file for handling characteristic value in file destination, if target modification file is not present, give birth to
Into target modification file, and invocation target changes the code of file modification file destination, to change characteristic value in file destination
Coding mode, or to change the code of characteristic value in file destination present position in the code of file destination, due to when detection
The process instruction of characteristic value in for file destination, and there are during target modification file, modification file modification will be called automatically
The code of file destination, to change the coding mode of characteristic value, or changes the code of characteristic value in the code of file destination
Present position, it is thus possible to improve in file characteristic value treatment effeciency.
Referring to Fig. 3, Fig. 3 is a kind of structure chart of file protection device disclosed by the embodiments of the present invention.As shown in figure 3,
This document protective device 300 can include:
Unit 301 is changed, for changing unit, for working as the process instruction detected for characteristic value in file destination
When, invocation target changes the code of file modification file destination, to change the coding mode of characteristic value in file destination, or to repair
Change the code of characteristic value in the file destination present position in the code of file destination, characteristic value is used to uniquely mark in file destination
Know file destination, target modification file is the file for handling characteristic value in file destination;
Generation unit 302, for according to the modification amended code building file destination of unit 301.
In the present embodiment, file destination includes data segment, and data segment refers to be used to store in program inside file destination
One piece of region of memory of the global variable of initialization, data segment include characteristic value, and characteristic value is used for unique mark file destination.When
When research staff has found that file destination is destroyed or file destination function is changed, research staff can be defeated by modes such as keyboards
Enter to be directed to the process instruction of characteristic value in file destination, ought detect the process instruction for characteristic value in file destination afterwards
When, invocation target is changed the code of file modification file destination by modification unit 301, to change the volume of characteristic value in file destination
Code mode, or to change the code of characteristic value in file destination present position in the code of file destination.
In the present embodiment, after the code of modification unit 301 invocation target modification file modification file destination, generation unit
302 will regenerate file destination according to the code of amended file destination, the coding of characteristic value in the file destination of generation
Mode, or the code of characteristic value have changed present position in the code of file destination.Therefore, when third party uses target
File obtains characteristic value in file destination, or third party from the code of amended file destination by the decoding process before modification
When middle file destination obtains characteristic value in file destination by characteristic value present position before modification, third party will be unable to get just
True characteristic value, thereby may be ensured that the security of file.Wherein, target modification file is to be used to handle feature in file destination
The file of value.
In the described file protection devices of Fig. 3, when detecting for the process instruction of characteristic value in file destination,
Invocation target changes the code of file modification file destination, to change the coding mode of characteristic value, or to change the generation of characteristic value
Code present position in the code of file destination, afterwards according to amended code building file destination, pin is detected due to working as
To during the process instruction of characteristic value, automatic calling to be changed to the code of file modification file destination, to change in file destination
The coding mode of characteristic value, or modification characteristic value code in the code of file destination present position, it is thus possible to improve literary
The treatment effeciency of characteristic value in part.
Referring to Fig. 4, Fig. 4 is the structure chart of another file protection device disclosed by the embodiments of the present invention.Such as Fig. 4 institutes
Show, this document protective device 400 can include:
Unit 401 is changed, for changing unit, for working as the process instruction detected for characteristic value in file destination
When, invocation target changes the code of file modification file destination, to change the coding mode of characteristic value in file destination, or to repair
Change the code of characteristic value in the file destination present position in the code of file destination, characteristic value is used to uniquely mark in file destination
Know file destination, target modification file is the file for handling characteristic value in file destination;
First generation unit 402, for according to the modification amended code building file destination of unit 401.
In the present embodiment, file destination includes data segment, and data segment refers to be used to store in program inside file destination
One piece of region of memory of the global variable of initialization, data segment include characteristic value, and characteristic value is used for unique mark file destination.When
When research staff has found that file destination is destroyed or file destination function is changed, research staff can be defeated by modes such as keyboards
Enter to be directed to the process instruction of characteristic value in file destination, ought detect the process instruction for characteristic value in file destination afterwards
When, invocation target is changed the code of file modification file destination by modification unit 401, to change the volume of characteristic value in file destination
Code mode, or to change the code of characteristic value in file destination present position in the code of file destination.
In the present embodiment, after the code of modification unit 401 invocation target modification file modification file destination, the first generation
Unit 402 will regenerate file destination according to the code of amended file destination, characteristic value in the file destination of generation
Coding mode, or the code of characteristic value have changed present position in the code of file destination.Therefore, when third party uses
File destination obtains characteristic value in file destination, or third party from amended file destination by the decoding process before modification
When file destination obtains characteristic value in file destination by characteristic value present position before modification in code, third party will be unable to obtain
To correct characteristic value, the security of file thereby may be ensured that.Wherein, target modification file is to be used to handle in file destination
The file of characteristic value.
As a kind of possible embodiment, file protection device 400 can also include:
Judging unit 403, for judging whether the target modification file for handling characteristic value in file destination;
Second generation unit 404, for when the judging result of judging unit 403 is no, generating target modification file, and
Triggering modification unit 401 calls the step of code for performing invocation target modification file modification file destination.
In the present embodiment, due to can not directly change the code of file destination to change the coding of characteristic value in file destination
Mode, or to change the code of characteristic value in file destination present position in the code of file destination, and need to pass through target
Modification file is modified, therefore, after detecting for the process instruction of characteristic value in file destination, judging unit 403
It will determine that with the presence or absence of the target modification file for being used to handle characteristic value in file destination.
In the present embodiment, judge to be not present when judging unit 403 and repaiied for handling the target of characteristic value in file destination
When changing file, the second generation unit 404 will generate the target modification file for being used for handling characteristic value in file destination;Correspondingly,
When judging unit 403, which is judged to exist, is used to handle the target modification file of characteristic value in file destination, amendment will be triggered
The code of first 401 invocation targets modification file modification file destination.
As a kind of possible embodiment, file destination includes data segment, and data segment includes characteristic value;
Unit 401 is changed, the code of file modification characteristic value is changed in the code of data segment specifically for invocation target
Present position, to change the code of characteristic value present position in the code of file destination.
As in a kind of possible embodiment, file destination includes flag, which is used for identification characteristics value
Coding mode;
Unit 401 is changed, specifically for the value of the invocation target modification file modification flag, to change this feature value
Coding mode.
In the present embodiment, when the second generation unit 404 generation target modification file or judging unit 403 judge that there are mesh
After mark modification file, invocation target is changed the code of characteristic value in file modification file destination in data by modification unit 401
Present position in the code of section, to change the code of characteristic value in file destination present position in the code of file destination.Cause
This, characteristic value present position obtains target before file destination is by modification from the code of amended file destination by third party
In file during characteristic value, third party will be unable to get correct characteristic value, thereby may be ensured that the security of file.
As a kind of possible embodiment, file destination includes data segment, which can be the mark of data segment
Position;
The mode of the value of the modification unit 401 invocation target modification file modification flag is specially:
Invocation target changes the value of file modification flag bit.
As a kind of possible embodiment, file destination includes data segment, which is the flag bit of data segment;
The mode of the value of the modification unit 401 invocation target modification file modification flag is specially:
Invocation target changes the value of file modification flag bit.
In the present embodiment, file destination can include flag, which is used to identify characteristic value in file destination
Coding mode, the flag can be the flag bits of data segment, may not be the flag bit of data segment, and the present embodiment does not limit
It is fixed.Judge when the second generation unit 404 generates target modification file or judging unit 403 there are after target modification file,
The value that invocation target is changed flag in file modification file destination by unit 401 is changed, to change characteristic value in file destination
Coding mode.When the flag is the flag bit of data segment, the value that file modification flag bit can be changed with invocation target is come
Change the coding mode of characteristic value in file destination.
In the described file protection devices of Fig. 4, when detecting for the process instruction of characteristic value in file destination,
Invocation target changes the code of file modification file destination, to change the coding mode of characteristic value, or to change the generation of characteristic value
Code present position in the code of file destination, afterwards according to amended code building file destination, pin is detected due to working as
To during the process instruction of characteristic value, automatic calling to be changed to the code of file modification file destination, to change in file destination
The coding mode of characteristic value, or modification characteristic value code in the code of file destination present position, it is thus possible to improve literary
The treatment effeciency of characteristic value in part.
Referring to Fig. 5, Fig. 5 is the structure chart of another file protection device disclosed by the embodiments of the present invention.Such as Fig. 5 institutes
Show, which can include:At least one processor 501 (such as CPU), at least one processor 502 are defeated
Enter device 503 and at least one communication bus, 504.Wherein, the connection that communication bus 504 is used for realization between these components is led to
Letter.Memory 502 can be high-speed RAM memory or non-labile memory (non-volatile
Memory), a for example, at least magnetic disk storage.Memory 502 optionally can also be at least one and be located remotely from foregoing place
The storage device of reason 501.Wherein:
Input unit 503, the process instruction of characteristic value in file destination is directed to for detecting, and the process instruction is sent out
Give processor 501;
Batch processing code is stored with memory 502, processor 501 is used to call the program stored in memory 502
Code performs following operation:
Invocation target changes the code of file modification file destination, to change the coding mode of this feature value, or with modification
The code of this feature value present position in the code of file destination, this feature value are used for unique mark file destination, and target is repaiied
It is the file for processing feature value to change file;
According to amended code building file destination.
As a kind of possible embodiment, input unit detect for characteristic value in file destination process instruction it
Afterwards, and 501 invocation target of processor modification file modification file destination code, processor 501 be additionally operable to call memory
The program code stored in 502 performs following operation:
Judge whether the target modification file for handling this feature value;
If target modification file is not present, target modification file is generated, and performs invocation target modification file modification mesh
The step of marking the code of file.
As a kind of possible embodiment, file destination includes data segment, and data segment includes this feature value;
The mode of code of 501 invocation target of processor modification file modification file destination is specially:
The code of invocation target modification file modification this feature value present position in the code of data segment, to change the spy
The code of value indicative present position in the code of file destination.
As a kind of possible embodiment, file destination includes flag, which is used to identify this feature value
Coding mode;
The mode of code of 501 invocation target of processor modification file modification file destination is specially:
The value of the invocation target modification file modification flag, to change the coding mode of this feature value.
As a kind of possible embodiment, file destination includes data segment, which can be the mark of data segment
Position;
The mode of the value of 501 invocation target of the processor modification file modification flag is specially:
Invocation target changes the value of file modification flag bit.
In the described file protection devices of Fig. 5, when detecting for the process instruction of characteristic value in file destination,
Invocation target changes the code of file modification file destination, to change the coding mode of characteristic value, or to change the generation of characteristic value
Code present position in the code of file destination, afterwards according to amended code building file destination, pin is detected due to working as
To during the process instruction of characteristic value, automatic calling to be changed to the code of file modification file destination, to change in file destination
The coding mode of characteristic value, or modification characteristic value code in the code of file destination present position, it is thus possible to improve literary
The treatment effeciency of characteristic value in part.
One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment is can
To instruct relevant hardware to complete by program, which can be stored in a computer-readable recording medium, storage
Medium can include:Flash disk, read-only storage (Read-Only Memory, ROM), random access device (Random Access
Memory, RAM), disk or CD etc..
Document protection method disclosed by the embodiments of the present invention and device are described in detail above, it is used herein
Specific case is set forth the principle of the present invention and embodiment, and the explanation of above example is only intended to help to understand this
The method and its core concept of invention;Meanwhile for those of ordinary skill in the art, according to the thought of the present invention, specific
There will be changes in embodiment and application range, in conclusion this specification content should not be construed as to the present invention's
Limitation.
Claims (10)
- A kind of 1. document protection method, it is characterised in that including:When detecting for the process instruction of characteristic value in file destination, file destination described in invocation target modification file modification Code, to change the coding mode of the characteristic value, or to change generation of the code of the characteristic value in the file destination Present position in code, the characteristic value are used for file destination described in unique mark, and the target modification file is to be used to handle institute The file of characteristic value is stated, the file destination includes data segment, and the data segment is used to store journey for file destination the inside One piece of region of memory of initialized global variable in sequence, the data segment include the characteristic value;According to the amended code building file destination.
- 2. according to the method described in claim 1, detect that the processing for characteristic value in file destination refers to it is characterized in that, working as After order, the method further includes:Judge whether the target modification file for handling the characteristic value;If the target modification file is not present, the target modification file is generated, and performs invocation target modification file and repaiies The step of changing the code of the file destination.
- 3. according to the method described in claim 1, it is characterized in that, the file destination includes data segment, the data segment bag Include the characteristic value;The code of file destination includes described in the invocation target modification file modification:The code of characteristic value present position in the code of the data segment described in invocation target modification file modification, to change State the code of the characteristic value present position in the code of the file destination.
- 4. according to the method described in claim 1, it is characterized in that, the file destination includes flag, the flag is used In the coding mode for identifying the characteristic value;The code of file destination includes described in the invocation target modification file modification:The value of flag described in invocation target modification file modification, to change the coding mode of the characteristic value.
- 5. according to the method described in claim 4, it is characterized in that, the file destination includes data segment, the flag is The flag bit of the data segment;The value of flag includes described in the invocation target modification file modification:The value of flag bit described in invocation target modification file modification.
- A kind of 6. file protection device, it is characterised in that including:Unit is changed, for when detecting for the process instruction of characteristic value in file destination, invocation target modification file to be repaiied Change the code of the file destination, to change the coding mode of the characteristic value, or to change the code of the characteristic value in institute Present position in the code of file destination is stated, the characteristic value is used for file destination described in unique mark, the target modification text Part is the file for handling the characteristic value, and the file destination includes data segment, and the data segment is the file destination The inside is used to store one piece of region of memory of initialized global variable in program, and the data segment includes the characteristic value;First generation unit, for according to the modification amended code building file destination of unit.
- 7. device according to claim 6, it is characterised in that described device further includes:Judging unit, for judging whether the target modification file for handling the characteristic value;Second generation unit, for when the judging result of the judging unit is no, generating the target modification file, and touch Send out described described in modification unit execution invocation target modification file modification the step of the code of file destination.
- 8. device according to claim 6, it is characterised in that the file destination includes data segment, the data segment bag Include the characteristic value;The modification unit, generation of the code in the data segment of characteristic value described in file modification is changed specifically for invocation target Present position in code, to change the code of characteristic value present position in the code of the file destination.
- 9. device according to claim 6, it is characterised in that the file destination includes flag, and the flag is used In the coding mode for identifying the characteristic value;The modification unit, specifically for the value of flag described in invocation target modification file modification, to change the characteristic value Coding mode.
- 10. device according to claim 9, it is characterised in that the file destination includes data segment, and the flag is The flag bit of the data segment;The mode of the value of flag is specially described in the modification cell call target modification file modification:The value of flag bit described in invocation target modification file modification.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510472634.1A CN105117661B (en) | 2015-08-04 | 2015-08-04 | File protection method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510472634.1A CN105117661B (en) | 2015-08-04 | 2015-08-04 | File protection method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105117661A CN105117661A (en) | 2015-12-02 |
CN105117661B true CN105117661B (en) | 2018-05-08 |
Family
ID=54665645
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510472634.1A Active CN105117661B (en) | 2015-08-04 | 2015-08-04 | File protection method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105117661B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106909810A (en) * | 2015-12-22 | 2017-06-30 | 北京奇虎科技有限公司 | A kind of method and device for realizing APK file protection |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7280956B2 (en) * | 2003-10-24 | 2007-10-09 | Microsoft Corporation | System, method, and computer program product for file encryption, decryption and transfer |
CN101359353A (en) * | 2008-09-05 | 2009-02-04 | 成都市华为赛门铁克科技有限公司 | File protection method and device |
CN102334124A (en) * | 2011-08-15 | 2012-01-25 | 华为终端有限公司 | File protection method and device |
CN102831346A (en) * | 2012-07-31 | 2012-12-19 | 深圳市紫色力腾科技发展有限公司 | Method and system for file protection |
CN103793665A (en) * | 2014-03-06 | 2014-05-14 | 北京淦蓝润和信息技术有限公司 | Electronic document processing method and device |
-
2015
- 2015-08-04 CN CN201510472634.1A patent/CN105117661B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7280956B2 (en) * | 2003-10-24 | 2007-10-09 | Microsoft Corporation | System, method, and computer program product for file encryption, decryption and transfer |
CN101359353A (en) * | 2008-09-05 | 2009-02-04 | 成都市华为赛门铁克科技有限公司 | File protection method and device |
CN102334124A (en) * | 2011-08-15 | 2012-01-25 | 华为终端有限公司 | File protection method and device |
CN102831346A (en) * | 2012-07-31 | 2012-12-19 | 深圳市紫色力腾科技发展有限公司 | Method and system for file protection |
CN103793665A (en) * | 2014-03-06 | 2014-05-14 | 北京淦蓝润和信息技术有限公司 | Electronic document processing method and device |
Non-Patent Citations (2)
Title |
---|
PE文件加壳技术研究与实现;焦龙龙等;《信息网络安全》;20130131;全文 * |
vfp&exe加密程序破解实录;lpyxt;《香雪网》;20010817;第1-3页 * |
Also Published As
Publication number | Publication date |
---|---|
CN105117661A (en) | 2015-12-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4320013B2 (en) | Unauthorized processing determination method, data processing apparatus, computer program, and recording medium | |
JP6058245B2 (en) | Random number expansion apparatus, random number expansion method and random number expansion program | |
CN104685508B (en) | Data processing equipment and data processing method | |
US9432400B2 (en) | Method and system for protecting against unknown malicious activities by detecting a heap spray attack on an electronic device | |
US9230455B2 (en) | Steganographic embedding of executable code | |
EP4089556A1 (en) | Code pointer authentication for hardware flow control | |
EP3270318B1 (en) | Dynamic security module terminal device and method for operating same | |
CN105760762B (en) | A kind of unknown malicious code detecting method of embeded processor | |
CN110868405B (en) | Malicious code detection method and device, computer equipment and storage medium | |
CN107239698A (en) | A kind of anti-debug method and apparatus based on signal transacting mechanism | |
KR20160099160A (en) | Method of modelling behavior pattern of instruction set in n-gram manner, computing device operating with the method, and program stored in storage medium configured to execute the method in computing device | |
CN105245495A (en) | Similarity match based rapid detection method for malicious shellcode | |
CN105117661B (en) | File protection method and device | |
CN109977633A (en) | A kind of program protection method and relevant apparatus | |
CN108985096A (en) | A kind of enhancing of Android SQLite database security, method for safely carrying out and device | |
CN108021790B (en) | File protection method and device, computing equipment and computer storage medium | |
CN107798241A (en) | Attack detecting device, system and method | |
US10044752B1 (en) | Null-byte injection detection | |
CN112613034B (en) | Malicious document detection method and system, electronic device and storage medium | |
CN111881047B (en) | Method and device for processing obfuscated script | |
CN108256327A (en) | A kind of file test method and device | |
CN106980564A (en) | Process behavior monitoring method based on kernel hook | |
EP2947590A1 (en) | Program code obfuscation based upon recently executed program code | |
CN115248908A (en) | Method, device, equipment and storage medium for protecting core code | |
CN115203652B (en) | IOS end security encryption control method based on source confusion |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20181203 Address after: Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province Patentee after: Zhuhai Leopard Technology Co.,Ltd. Address before: 100085 East District, Second Floor, 33 Xiaoying West Road, Haidian District, Beijing Patentee before: BEIJING KINGSOFT INTERNET SECURITY SOFTWARE Co.,Ltd. |
|
TR01 | Transfer of patent right |