CN113792319A - File encryption method and device, storage medium and electronic equipment - Google Patents
File encryption method and device, storage medium and electronic equipment Download PDFInfo
- Publication number
- CN113792319A CN113792319A CN202111111464.6A CN202111111464A CN113792319A CN 113792319 A CN113792319 A CN 113792319A CN 202111111464 A CN202111111464 A CN 202111111464A CN 113792319 A CN113792319 A CN 113792319A
- Authority
- CN
- China
- Prior art keywords
- file
- processed
- encryption
- header
- rule
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 70
- 238000012545 processing Methods 0.000 claims description 24
- 238000006243 chemical reaction Methods 0.000 claims description 18
- 238000004458 analytical method Methods 0.000 claims description 15
- 238000004590 computer program Methods 0.000 claims description 2
- 230000008569 process Effects 0.000 description 11
- 238000013478 data encryption standard Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000011218 segmentation Effects 0.000 description 3
- 238000012544 monitoring process Methods 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 231100000279 safety data Toxicity 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Abstract
The disclosure provides a file encryption method, a file encryption device, a computer readable storage medium and an electronic device, and belongs to the technical field of computers. The method comprises the following steps: when detecting that a target application executes write-in operation about a file to be processed through a kernel layer driver, acquiring a file header rule corresponding to the target application; and determining the file encryption type of the file to be processed according to the file header rule, and encrypting the file to be processed according to the file encryption type. According to the method and the device, the files in the target application program are encrypted, so that the safety of the files can be improved, and data leakage is prevented.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a file encryption method, a file encryption apparatus, a computer-readable storage medium, and an electronic device.
Background
The transparent encryption technology is a file encryption technology which is generated in response to the security requirement of enterprise files in recent years. Specifically, when a user opens or edits a file, the system can automatically complete the encryption of the unencrypted file, and the whole process cannot be sensed by the user, so that the normal operation of the user cannot be influenced.
At present, when a file is encrypted, file types can be distinguished through a suffix name of the file, and the file of the corresponding file type is encrypted. The method for judging the file type is simple and direct, extra resource overhead is not generated, but once the suffix name of the file is changed, the real type of the file cannot be identified, so that the encrypted file becomes a plaintext, and safety data leakage is caused.
It is to be noted that the information disclosed in the above background section is only for enhancement of understanding of the background of the present disclosure, and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The disclosure provides a file encryption method, a file encryption device, a computer readable storage medium and an electronic device, thereby at least solving the problem that data leakage is easily caused by tampering of a file in the prior art to a certain extent.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.
According to a first aspect of the present disclosure, there is provided a file encryption method, the method comprising: when detecting that a target application executes write-in operation about a file to be processed through a kernel layer driver, acquiring a file header rule corresponding to the target application; and determining the file encryption type of the file to be processed according to the file header rule, and encrypting the file to be processed according to the file encryption type.
In an exemplary embodiment of the present disclosure, the obtaining of the header rule corresponding to the target application includes: and detecting the application type of the target application through the kernel layer driver, and acquiring a file header rule corresponding to the target application according to the application type.
In an exemplary embodiment of the present disclosure, the determining a file encryption type of the file to be processed according to the file header rule includes: determining an analysis rule of a file header of the file to be processed and a file header check identifier of the file to be processed according to the file header rule; and analyzing the file to be processed according to the analysis rule to obtain a file header of the file to be processed, matching the file header of the file to be processed with a file header check identifier of the file to be processed, and determining whether the file to be processed belongs to an encrypted file type.
In an exemplary embodiment of the present disclosure, when the to-be-processed file is parsed according to the parsing rule, the method includes: determining the byte number of the file header of the file to be processed and/or the byte position of each byte in the file to be processed according to the analysis rule; and extracting byte data according to the byte number and/or the byte position of each byte in the file to be processed to obtain a file header of the file to be processed.
In an exemplary embodiment of the present disclosure, when matching a file header of the file to be processed with a file header check identifier of the file to be processed and determining whether the file to be processed belongs to an encrypted file type, the method further includes: converting the file header of the file to be processed according to a preset conversion rule, matching the processed file header with the file header check identifier of the file to be processed, and determining whether the file to be processed belongs to the encrypted file type; the preset conversion rule comprises the step of converting the file header of the file to be processed into a hash value with a fixed length by adopting a hash algorithm.
In an exemplary embodiment of the present disclosure, the method further comprises: determining an encryption strategy matched with the file type of the file to be processed according to the file header rule, wherein the encryption strategy comprises the encryption grade of the file to be processed and an encryption algorithm corresponding to the encryption grade; and when the file to be processed is determined to belong to the encrypted file type, adding an encryption identifier at the head or the tail of the file to be processed so that the kernel layer driver determines an encryption algorithm according to the encryption identifier and encrypts the file to be processed according to the encryption algorithm.
In an exemplary embodiment of the present disclosure, when encrypting the file to be processed, the method further includes: acquiring an encryption key of the file to be processed by sending an acquisition request of the encryption key of the file to be processed to a server; and based on a preset encryption algorithm, encrypting the file to be processed by adopting the encryption key of the file to be processed, wherein the preset encryption algorithm comprises any one or more of a symmetric encryption algorithm, an asymmetric encryption algorithm and a combined algorithm formed by the symmetric encryption algorithm and the asymmetric encryption algorithm.
According to a second aspect of the present disclosure, there is provided a file encryption apparatus, the apparatus comprising: the device comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring a file header rule corresponding to a target application when the kernel layer driver detects that the target application executes write-in operation on a file to be processed; and the encryption module is used for determining the file encryption type of the file to be processed according to the file header rule and encrypting the file to be processed according to the file encryption type.
In an exemplary embodiment of the disclosure, the obtaining module is configured to detect an application type of the target application through the kernel layer driver, and obtain a header rule corresponding to the target application according to the application type.
In an exemplary embodiment of the present disclosure, the encryption module is configured to determine, according to the file header rule, an analysis rule of a file header of the file to be processed and a file header check identifier of the file to be processed, analyze the file to be processed according to the analysis rule to obtain the file header of the file to be processed, match the file header of the file to be processed and the file header check identifier of the file to be processed, and determine whether the file to be processed belongs to an encrypted file type.
In an exemplary embodiment of the present disclosure, when the file to be processed is parsed according to the parsing rule, the encryption module is further configured to determine, according to the parsing rule, a byte number of a file header of the file to be processed and/or a byte position of each byte in the file to be processed, and extract byte data according to the byte number and/or the byte position of each byte in the file to be processed, so as to obtain the file header of the file to be processed.
In an exemplary embodiment of the present disclosure, when matching a file header of the file to be processed with a file header check identifier of the file to be processed and determining whether the file to be processed belongs to an encrypted file type, the encryption module is further configured to perform conversion processing on the file header of the file to be processed according to a preset conversion rule, match the processed file header with the file header check identifier of the file to be processed, and determine whether the file to be processed belongs to the encrypted file type; the preset conversion rule comprises the step of converting the file header of the file to be processed into a hash value with a fixed length by adopting a hash algorithm.
In an exemplary embodiment of the present disclosure, the encryption module is further configured to determine, according to the file header rule, an encryption policy that matches a file type of the to-be-processed file, where the encryption policy includes an encryption level of the to-be-processed file and an encryption algorithm corresponding to the encryption level, and when it is determined that the to-be-processed file belongs to an encrypted file type, add an encryption identifier to a header or a tail of the to-be-processed file, so that the kernel layer driver determines the encryption algorithm according to the encryption identifier, and encrypt the to-be-processed file according to the encryption algorithm.
In an exemplary embodiment of the disclosure, when encrypting the file to be processed, the encryption module is further configured to obtain an encryption key of the file to be processed by sending an obtaining request of the encryption key of the file to be processed to a server, and encrypt the file to be processed by using the encryption key of the file to be processed based on a preset encryption algorithm, where the preset encryption algorithm includes any one or more of a symmetric encryption algorithm, an asymmetric encryption algorithm, and a combined algorithm formed by the symmetric encryption algorithm and the asymmetric encryption algorithm.
According to a third aspect of the present disclosure, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements any one of the file encryption methods described above.
According to a fourth aspect of the present disclosure, there is provided an electronic device comprising: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to perform any of the above file encryption methods via execution of the executable instructions.
The present disclosure has the following beneficial effects:
in summary, according to the file encryption method, the file encryption apparatus, the computer-readable storage medium, and the electronic device in the exemplary embodiment, when it is detected that the target application performs the write operation on the file to be processed by the kernel layer driver, the file header rule corresponding to the target application is obtained, the file encryption type of the file to be processed is determined according to the file header rule, and the file to be processed is encrypted according to the file encryption type. According to the scheme, the file encryption type of the file to be processed is determined according to the file header rule, and the file to be processed is encrypted according to the file encryption type, so that the transparent encryption of the file can be realized, the safety of file data is guaranteed, meanwhile, the real type of the file can be determined according to the file header rule, the file type cannot be identified due to the fact that the suffix is changed on the file, the identification accuracy of the file type can be improved, and the encryption reliability is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure. It is apparent that the drawings in the following description are only some embodiments of the present disclosure, and that other drawings can be obtained from those drawings without inventive effort for a person skilled in the art.
FIG. 1 illustrates a flow chart of a file encryption method in the present exemplary embodiment;
FIG. 2 illustrates a flow chart for determining a file encryption type in the exemplary embodiment;
FIG. 3 shows a flowchart for encrypting a file to be processed in the present exemplary embodiment;
FIG. 4 shows a flowchart of another method of encrypting a file to be processed in the present exemplary embodiment;
FIG. 5 shows a flowchart of another file encryption method in the present exemplary embodiment;
fig. 6 is a block diagram showing the configuration of a file encryption apparatus in the present exemplary embodiment;
FIG. 7 illustrates a computer-readable storage medium for implementing the above-described method in the present exemplary embodiment;
fig. 8 shows an electronic device for implementing the above method in the present exemplary embodiment.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
The exemplary embodiment of the present disclosure first provides a file encryption method, which may be applied to a terminal device, so that when the terminal device processes a file to be processed using a target application, the file to be processed is encrypted, and the normal operation of a user is not affected in the encryption process. As an example of the system environment of the file encryption method in the exemplary embodiment, the file encryption method may be implemented by a file processing system having data processing monitoring and encryption functions in the terminal device, where the file processing system may be a file system configured at a kernel layer of an operating system, such as an interface layer that may be located between the file system and a service system, and when a user processes a file through a target application, the file processing system may monitor an operation type of the target application on the file through a kernel layer driver and transparently encrypt the file.
Fig. 1 shows a flow of the present exemplary embodiment, which may include the following steps S110 to S120:
and S110, when the kernel layer driver detects that the target application executes the writing operation of the file to be processed, acquiring a file header rule corresponding to the target application.
The kernel layer is the most basic part of an operating system, and can provide secure access to computer hardware for various application programs, the operating system can be generally divided into a kernel mode and a user mode, the kernel code of the system runs in the kernel mode, and the non-kernel code runs in the user mode. The kernel layer driver is a program which runs in a kernel mode and has the highest authority of an operating system, and can be used for receiving an access request of an application program sent by an I/O manager and processing the access request. In the present exemplary embodiment, the target application may be any application program, such as any one or more of CAD software, Revit software, SketchUp software, and the like; the file to be processed may be a file processed by the target application, and the file to be processed may be a file in a DWG format or a file in a DXF format, for example, using CAD software. The write operation may include a backup of the file to be processed, saving history data, logging, etc. The header rule corresponding to the target application may be a header rule corresponding to each file type supported by the target application, including but not limited to a reading rule, a parsing rule, and a storing rule of the header, and the header rule may be generated by a user through an application layer, that is, a user mode configuration in advance.
When the file to be processed is processed by the target application, the operation type of the file to be processed by the target application can be monitored through the kernel layer driver, and when it is detected that the target application executes a write operation on the file to be processed, a file header rule corresponding to the target application is obtained, for example, a file header rule corresponding to the target application can be read from a rule file configured by an application layer.
Specifically, in an optional implementation manner, the header rule corresponding to the target application may be obtained by the following method:
and detecting the application type of the target application through the kernel layer driver, and acquiring a file header rule corresponding to the target application according to the application type.
For each application program running on the terminal device, the kernel layer driver may monitor the running state of each application, for example, may monitor what operation is performed on a file by each application, and authority information of a user currently performing the operation, and the like. When it is detected that the target application performs the write operation on the file to be processed, the application type of the target application may be determined, for example, an application name of the target application may be determined according to the stored application identifier of each application, and a header rule corresponding to the target application may be obtained according to the application name. For example, when it is detected that the target application performs a backup operation or an operation of recording a log, history data, or the like on the file to be processed, a file header rule stored in advance by the terminal device with respect to the target application may be read in accordance with the application type of the target application.
By the method for monitoring the operation of the target application on the file to be processed by the kernel layer driver, when the file to be processed is processed by the target application, the processing environment of the file to be processed can be detected in real time, and whether the file to be processed is in a safe environment or not can be judged.
In addition, when the target application reads the file to be processed, the kernel layer driver may determine the operation authority of the current operating user according to the access request of the application program, for example, the kernel layer driver may determine the operation authority of the current operating user according to the user identifier in the read request of the target application sent by the I/O manager, such as determining whether the operating user has the read authority or determining whether the user having the read authority has the write authority, and the like, control the operating user to process the file to be processed within the range of the operation authority, such as when determining that the operating user is allowed to access the file to be processed, may send the access request to the file system storing the file to be processed, and control the target application to read the file to be processed.
And S120, determining the file encryption type of the file to be processed according to the file header rule, and encrypting the file to be processed according to the file encryption type.
After the file header rule corresponding to the target application is obtained, the file encryption type of the file to be processed, such as whether the file to be processed belongs to the file to be encrypted or not, the encryption grade of the file to be processed, and the like, can be determined according to the file header rule, so as to encrypt the file to be processed according to the file encryption type of the file to be processed.
In an alternative embodiment, referring to fig. 2, step S120 can be implemented by the following steps S210 to S220:
step S210, determining the analysis rule of the file header of the file to be processed and the file header check mark of the file to be processed according to the file header rule.
The parsing rule of the file header of the file to be processed may include a reading mode and a conversion rule of the file header of the file to be processed, and the like; the file header check identifier of the file to be processed can be used for verifying whether the file header of the file to be processed meets the encryption condition, and can be an identifier formed by numbers, letters, special symbols and the like. In this exemplary embodiment, the file header check identifier of the file to be processed may be set by an operator in advance according to the encryption requirement and the file type supported by the target application, for example, the file header check identifier may be set separately for each file type corresponding to the target application, or if files of all file types supported by the target application need to be encrypted, the file header check identifiers of all file types corresponding to the target application may be set as the same identification data. Table 1 below shows an example of a header check mark, as follows:
TABLE 1
| Target application | File type | File head checking mark | Identifying a location |
| Revit | RVT/RTE/RFA | D0 CF 11 E0 A1 B1 1A E1 | Header 8 bits |
| CAD | DWG/DWT | 41 43 31 30 | Header 4 bits |
| SketchUp | SKP | FF FF FF 0E 53 20 6B 20 | Header 8 bits |
In the file header check marks, the file header check marks corresponding to all file types belonging to the same application program are the same check mark.
After obtaining the file header rule corresponding to the target application, the file header rule of the application type corresponding to the target application may be read in the file header rule, and the file header rule consistent with the file type of the file to be processed is extracted therefrom, and the parsing rule of the file header of the file to be processed is determined through the file header rule, and the file header check identifier of the file to be processed is read.
Step S220, analyzing the file to be processed according to the analysis rule to obtain the file header of the file to be processed, matching the file header of the file to be processed with the file header check mark of the file to be processed, and determining whether the file to be processed belongs to the encrypted file type.
After the parsing rule of the file header of the file to be processed is determined, the file to be processed can be parsed according to the parsing rule, for example, byte data of the file to be processed can be read, data within a certain byte range is extracted from the byte data to serve as the file header of the file to be processed, and then the file header of the file to be processed is matched with the file header check identifier of the file to be processed to determine whether the file to be processed belongs to the encrypted file type. For example, when it is determined that the file header of the file to be processed is successfully matched with the file header check identifier, it may be determined that the file to be processed belongs to the encrypted file type, otherwise, if the file header of the file to be processed is unsuccessfully matched with the file header check identifier, it indicates that the file to be processed does not need to be encrypted, and at this time, the kernel layer driver may issue an access request of the target application to the next layer driver for processing, so as to control the target application to normally process the file to be processed.
In fact, before the file is read by the application program, the file is stored in the hard disk in a binary mode according to a certain sequence, and only when the application program reads the contents of each part of the file according to the fixed sequence, the data in the file can be obtained, otherwise, correct file data cannot be obtained. In the exemplary embodiment, the file header is used as an identifier indicating "identity" to the application program, and may also be parsed from the file to be processed according to the parsing rule corresponding to the file header. Specifically, in an optional implementation manner, the file header of the file to be processed may be obtained by parsing the file to be processed by executing the following method:
determining the byte number of a file header of the file to be processed and/or the byte position of each byte in the file to be processed through an analysis rule;
and extracting byte data according to the byte number and/or the byte position of each byte in the file to be processed to obtain the file header of the file to be processed.
For example, the kernel layer driver may determine, according to the parsing rule of the file header of the file to be processed, the number of bytes of the file header of the file to be processed, and when the file header of the file to be processed is obtained, the file header of the file to be processed may be obtained by reading, starting from the header of the file to be processed, and for files in the DWG and DWT formats in the CAD software, the file header may be the byte data of the first 4 bytes, that is, 41433130. For another example, the kernel layer driver may determine, according to a parsing rule of a header of the file to be processed, the number of bytes and the byte position of the header of the file to be processed, for example, the header of the file to be processed may be read according to the number of intervals of each byte, for example, for a file in the SKP format in the SketchUp software, byte data may be read from a first byte at intervals of 1 bit to obtain a header with a number of bytes of 4, that is, the obtained header is FF 536B.
By the method, the file header of the file to be processed can be read according to the established file rule, and after the file is encrypted in this way, the true type of the file can still be identified even if the suffix of the file is modified.
In an optional implementation manner, when matching the file header of the file to be processed with the file header check identifier of the file to be processed and determining whether the file to be processed belongs to the encrypted file type, the following method may be further performed:
and converting the file header of the file to be processed according to a preset conversion rule, matching the processed file header with the file header check identifier of the file to be processed, and determining whether the file to be processed belongs to the encrypted file type.
The preset conversion rule may include converting a file header of the file to be processed into a hash value with a fixed length by using a hash algorithm.
The file header check mark of the file to be processed may be mark data obtained after a certain conversion rule processing, for example, a hash value with a fixed length obtained after a hash algorithm conversion may be used. Therefore, when the file header of the file to be processed is matched with the file header check identifier of the file to be processed, the file header of the file to be processed can be converted according to the preset conversion rule, and then the file header obtained after processing is matched with the file header check identifier to determine whether the file to be processed belongs to the encrypted file type. By the method, the file header check mark can be stored as the mark data processed by the conversion rule, so that the safety level of the file header check mark can be improved, and the influence on the encryption of the file to be processed caused by the random modification of the file header check mark can be avoided. In addition, when the data volume of the file header of the file to be processed is large, the file header can be converted into the hash value with the fixed length through a preset conversion rule, and the speed of judging the file encryption type of the file to be processed is improved.
Further, when encrypting, different encryption rules may be configured for different types or levels of files, and specifically, in an alternative embodiment, as shown in fig. 3, the file to be processed may be encrypted by performing the following steps S310 to S320:
step S310, determining an encryption strategy matched with the file type of the file to be processed according to the file header rule.
The encryption policy may include an encryption level of the file to be processed and an encryption algorithm corresponding to the encryption level, for example, the file information of the file to be processed may include an importance level of the file, and the encryption policy may be an encryption algorithm with different complexity configured according to the importance level of the file. When the file to be processed is encrypted through the kernel layer driver, the kernel layer driver can read a file header rule configured by the application layer and determine an encryption strategy matched with the file type of the file to be processed.
And step S320, when the file to be processed is determined to belong to the encrypted file type, adding an encryption identifier at the head or the tail of the file to be processed, so that the kernel layer driver determines an encryption algorithm according to the encryption identifier and encrypts the file to be processed according to the encryption algorithm.
When the file to be processed is determined to belong to the encrypted file type, the kernel layer driver can add a self-defined encryption identifier, such as a character string with a certain length, to the head or the tail of the file to be processed, and the file to be processed is encrypted by an encryption algorithm according to the encryption algorithm corresponding to the encryption identifier of the file to be processed. For example, the encryption identifier may include an encryption algorithm and an encryption key of the file to be processed, and when the encryption is performed, the kernel layer driver may obtain the encryption key according to the encryption identifier of the file to be processed, and encrypt the file to be processed according to the encryption algorithm by using the encryption key.
Through the steps S310 to S320, the files to be processed can be encrypted by adopting corresponding encryption strategies based on different file types, so that the files can be encrypted differently, the encryption flexibility of the files can be improved, and the security of the files can be enhanced to a certain extent.
Further, in an alternative embodiment, the file to be processed may be encrypted by using different encryption algorithms, and the encrypted key may be obtained by sending a request to the server, that is, when performing the encryption process, referring to fig. 4, the following method may also be performed:
step S410, obtaining the encryption key of the file to be processed by sending a request for obtaining the encryption key of the file to be processed to the server.
For example, when encrypting, the terminal device may send a file header check code of the file to be processed to the server as a file identifier of the file to be processed, so as to receive an encryption key distributed by the server according to the file identifier.
Step S420, based on a preset encryption algorithm, performing encryption processing on the file to be processed by using the encryption key of the file to be processed.
The preset Encryption algorithm may include any one or more of a symmetric Encryption algorithm, an asymmetric Encryption algorithm, and a combination algorithm composed of a symmetric Encryption algorithm and an asymmetric Encryption algorithm, such as an AES (Advanced Encryption Standard) algorithm, a DES (Data Encryption Standard) algorithm, an RSA algorithm (an asymmetric Encryption algorithm), and the like.
After the encryption key is obtained, the kernel layer driver may encrypt the file to be processed by using the encryption key according to the corresponding encryption algorithm. Taking a DES algorithm as an example, the kernel layer driver may replace the data position in the file to be processed by passing through the IP replacement table, then perform iterative processing on the replaced file to be processed by using the sub-key, and finally perform inverse replacement to generate final ciphertext data.
By the method, the transparent encryption of the file to be processed can be completed, so that the file to be processed is stored as ciphertext data in the hard disk and is plaintext data in the memory, and the safety of the file to be processed can be effectively guaranteed.
In an optional implementation manner, the file header rule may further include a data segmentation rule when the file to be processed is encrypted, and when the file to be processed is encrypted, the file to be processed may be further segmented according to the data segmentation rule, and then each segment of the file to be processed is encrypted according to different or the same encryption algorithm, so as to generate final ciphertext data. The data segmentation rule may include a length of each segment, an interval of the segments, and the like, which is not specifically limited in this exemplary embodiment. In this way, the security of the file can be further improved.
In this exemplary embodiment, a specific target application may be monitored, and a file that performs a write operation in the target application may be encrypted. Specifically, referring to fig. 5, assuming that the target application is CAD software, Revit software, and SketchUp software, the following steps may be performed:
in step S510, the kernel layer driver monitors the application program to perform a write operation on the file to be processed, and when it is determined that the write operation is performed, step S520 is performed.
Step S520, determining the application type of the application program, and determining whether the application program is the target application. When it is determined that the application program is the target application, step S530 may be performed, whereas when it is determined that the application program is not the target application, step S560 may be performed, storing the file to be processed.
Specifically, the kernel layer driver may monitor whether the target application is any one or more of the CAD software, Revit software, and SketchUp software described above.
Step S530, determining an analysis rule of the file header of the file to be processed according to the file header rule corresponding to the target application, and analyzing the file header of the file to be processed according to the analysis rule.
For example, when the target application is Revit software, an 8-bit file header located in the header of the file to be processed can be obtained by parsing from the file to be processed; when the target application is CAD software, a 4-bit file header positioned at the header of the file to be processed can be obtained by analyzing the file to be processed; when the target application is SketchUp software, an 8-bit file header positioned at the head of the file to be processed can be obtained by parsing from the file to be processed.
And step S540, judging whether the file header of the file to be processed is matched with the corresponding file header check mark.
When it is determined that the file header of the file to be processed matches the corresponding file header check identifier, it indicates that the file to be processed belongs to the file encryption type, step S550 may be executed to complete encryption of the file to be processed, otherwise, it indicates that the file to be processed does not belong to the file encryption type, step S560 may be executed to store the file to be processed.
And step S550, encrypting the file to be processed.
For example, the file header rule may be configured with an encryption key and an encryption rule for storing the file to be processed, and the kernel layer driver may determine an encryption algorithm for encrypting the file to be processed by using the file header rule and encrypt the file to be processed by using the encryption key.
And step S560, storing the encrypted file to be processed to a storage medium.
The storage medium may also be a local database or any cloud data storage platform, and the like, which is not particularly limited in this exemplary embodiment.
In summary, according to the file encryption method in the exemplary embodiment, when it is detected that the target application performs the write operation on the file to be processed by using the kernel layer driver, the file header rule corresponding to the target application is obtained, the file encryption type of the file to be processed is determined according to the file header rule, and the file to be processed is encrypted according to the file encryption type. According to the scheme, the file encryption type of the file to be processed is determined according to the file header rule, and the file to be processed is encrypted according to the file encryption type, so that the transparent encryption of the file can be realized, the safety of file data is guaranteed, meanwhile, the real type of the file can be determined according to the file header rule, the file type cannot be identified due to the fact that the suffix is changed on the file, the identification accuracy of the file type can be improved, and the encryption reliability is improved.
The present exemplary embodiment further provides a file encryption apparatus, and as shown in fig. 6, the file encryption apparatus 600 may include: the obtaining module 610 may be configured to obtain a file header rule corresponding to a target application when it is detected that the target application performs a write operation on a file to be processed through a kernel layer driver; the encryption module 620 may be configured to determine a file encryption type of the file to be processed according to the file header rule, and encrypt the file to be processed according to the file encryption type.
In an exemplary embodiment of the disclosure, the obtaining module 610 may be configured to detect an application type of a target application through a kernel layer driver, and obtain a header rule corresponding to the target application according to the application type.
In an exemplary embodiment of the present disclosure, the encryption module 620 may be configured to determine an analysis rule of a file header of the file to be processed and a file header check identifier of the file to be processed according to the file header rule, analyze the file to be processed according to the analysis rule to obtain the file header of the file to be processed, match the file header of the file to be processed with the file header check identifier of the file to be processed, and determine whether the file to be processed belongs to the encrypted file type.
In an exemplary embodiment of the present disclosure, when the file to be processed is parsed according to the parsing rule, the encryption module 620 may further be configured to determine, according to the parsing rule, a byte number of a file header of the file to be processed and/or a byte position of each byte in the file to be processed, and extract byte data according to the byte number and/or the byte position of each byte in the file to be processed, so as to obtain the file header of the file to be processed.
In an exemplary embodiment of the present disclosure, when matching a file header of a file to be processed with a file header check identifier of the file to be processed and determining whether the file to be processed belongs to an encrypted file type, the encryption module 620 may further be configured to perform conversion processing on the file header of the file to be processed according to a preset conversion rule, match the processed file header with the file header check identifier of the file to be processed, and determine whether the file to be processed belongs to the encrypted file type; the preset conversion rule comprises the step of converting a file header of a file to be processed into a hash value with a fixed length by adopting a hash algorithm.
In an exemplary embodiment of the present disclosure, the encryption module 620 may further be configured to determine, according to a file header rule, an encryption policy that matches a file type of the file to be processed, where the encryption policy includes an encryption level of the file to be processed and an encryption algorithm corresponding to the encryption level, and when it is determined that the file to be processed belongs to the encryption file type, add an encryption identifier to a header or a tail of the file to be processed, so that the kernel layer driver determines the encryption algorithm according to the encryption identifier and encrypts the file to be processed according to the encryption algorithm.
In an exemplary embodiment of the disclosure, when encrypting the file to be processed, the encryption module 620 may further be configured to obtain the encryption key of the file to be processed by sending an obtaining request of the encryption key of the file to be processed to the server, and encrypt the file to be processed by using the encryption key of the file to be processed based on a preset encryption algorithm, where the preset encryption algorithm includes any one or more of a symmetric encryption algorithm, an asymmetric encryption algorithm, and a combined algorithm formed by the symmetric encryption algorithm and the asymmetric encryption algorithm.
The specific details of each module in the above apparatus have been described in detail in the method section, and details of an undisclosed scheme may refer to the method section, and thus are not described again.
As will be appreciated by one skilled in the art, aspects of the present disclosure may be embodied as a system, method or program product. Accordingly, various aspects of the present disclosure may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
Exemplary embodiments of the present disclosure also provide a computer-readable storage medium having stored thereon a program product capable of implementing the above-described method of the present specification. In some possible embodiments, various aspects of the disclosure may also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps according to various exemplary embodiments of the disclosure described in the above-mentioned "exemplary methods" section of this specification, when the program product is run on the terminal device.
Referring to fig. 7, a program product 700 for implementing the above method according to an exemplary embodiment of the present disclosure is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present disclosure is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
The exemplary embodiment of the present disclosure also provides an electronic device capable of implementing the method described above, and the electronic device may be a terminal device for executing the file encryption method in the exemplary embodiment. An electronic device 800 according to such an exemplary embodiment of the present disclosure is described below with reference to fig. 8. The electronic device 800 shown in fig. 8 is only an example and should not bring any limitations to the functionality and scope of use of the embodiments of the present disclosure.
As shown in fig. 8, electronic device 800 may take the form of a general purpose computing device. The components of the electronic device 800 may include, but are not limited to: the at least one processing unit 810, the at least one memory unit 820, a bus 830 connecting the various system components (including the memory unit 820 and the processing unit 810), and a display unit 840.
Wherein the storage unit 820 stores program code that may be executed by the processing unit 810 to cause the processing unit 810 to perform the steps according to various exemplary embodiments of the present disclosure described in the above section "exemplary method" of this specification. For example, processing unit 810 may perform the method steps shown in fig. 1-5, and so on.
The storage unit 820 may include readable media in the form of volatile storage units, such as a random access storage unit (RAM)821 and/or a cache storage unit 822, and may further include a read only storage unit (ROM) 823.
The electronic device 800 may also communicate with one or more external devices 900 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 800, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 800 to communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interfaces 850. Also, the electronic device 800 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) via the network adapter 860. As shown, the network adapter 860 communicates with the other modules of the electronic device 800 via the bus 830. It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction with the electronic device 800, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functions of two or more modules or units described above may be embodied in one module or unit, according to exemplary embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Furthermore, the above-described figures are merely schematic illustrations of processes included in methods according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the exemplary embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to make a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) execute the method according to the exemplary embodiments of the present disclosure.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
Claims (10)
1. A method for encrypting a file, the method comprising:
when detecting that a target application executes write-in operation about a file to be processed through a kernel layer driver, acquiring a file header rule corresponding to the target application;
and determining the file encryption type of the file to be processed according to the file header rule, and encrypting the file to be processed according to the file encryption type.
2. The method of claim 1, wherein the obtaining of the header rule corresponding to the target application comprises:
and detecting the application type of the target application through the kernel layer driver, and acquiring a file header rule corresponding to the target application according to the application type.
3. The method according to claim 1, wherein the determining the file encryption type of the file to be processed according to the file header rule comprises:
determining an analysis rule of a file header of the file to be processed and a file header check identifier of the file to be processed according to the file header rule;
and analyzing the file to be processed according to the analysis rule to obtain a file header of the file to be processed, matching the file header of the file to be processed with a file header check identifier of the file to be processed, and determining whether the file to be processed belongs to an encrypted file type.
4. The method according to claim 3, wherein when the to-be-processed file is parsed according to the parsing rule, the method comprises:
determining the byte number of the file header of the file to be processed and/or the byte position of each byte in the file to be processed according to the analysis rule;
and extracting byte data according to the byte number and/or the byte position of each byte in the file to be processed to obtain a file header of the file to be processed.
5. The method according to claim 3, wherein when matching the file header of the file to be processed with the file header check identifier of the file to be processed to determine whether the file to be processed belongs to the encrypted file type, the method further comprises:
converting the file header of the file to be processed according to a preset conversion rule, matching the processed file header with the file header check identifier of the file to be processed, and determining whether the file to be processed belongs to the encrypted file type;
the preset conversion rule comprises the step of converting the file header of the file to be processed into a hash value with a fixed length by adopting a hash algorithm.
6. The method of claim 3, further comprising:
determining an encryption strategy matched with the file type of the file to be processed according to the file header rule, wherein the encryption strategy comprises the encryption grade of the file to be processed and an encryption algorithm corresponding to the encryption grade;
and when the file to be processed is determined to belong to the encrypted file type, adding an encryption identifier at the head or the tail of the file to be processed so that the kernel layer driver determines an encryption algorithm according to the encryption identifier and encrypts the file to be processed according to the encryption algorithm.
7. The method according to claim 1, wherein when encrypting the file to be processed, the method further comprises:
acquiring an encryption key of the file to be processed by sending an acquisition request of the encryption key of the file to be processed to a server;
and based on a preset encryption algorithm, encrypting the file to be processed by adopting the encryption key of the file to be processed, wherein the preset encryption algorithm comprises any one or more of a symmetric encryption algorithm, an asymmetric encryption algorithm and a combined algorithm formed by the symmetric encryption algorithm and the asymmetric encryption algorithm.
8. An apparatus for encrypting a file, the apparatus comprising:
the device comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring a file header rule corresponding to a target application when the kernel layer driver detects that the target application executes write-in operation on a file to be processed;
and the encryption module is used for determining the file encryption type of the file to be processed according to the file header rule and encrypting the file to be processed according to the file encryption type.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method of any one of claims 1 to 7.
10. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of any of claims 1-7 via execution of the executable instructions.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111111464.6A CN113792319A (en) | 2021-09-18 | 2021-09-18 | File encryption method and device, storage medium and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111111464.6A CN113792319A (en) | 2021-09-18 | 2021-09-18 | File encryption method and device, storage medium and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113792319A true CN113792319A (en) | 2021-12-14 |
Family
ID=78879137
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111111464.6A Pending CN113792319A (en) | 2021-09-18 | 2021-09-18 | File encryption method and device, storage medium and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113792319A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116150786A (en) * | 2023-01-10 | 2023-05-23 | 深圳技术大学 | USB flash disk file encryption system based on instruction key self-setting |
| WO2023178792A1 (en) * | 2022-03-24 | 2023-09-28 | 平安科技(深圳)有限公司 | Ciphertext data storage method and apparatus, and device and storage medium |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1567255A (en) * | 2003-09-02 | 2005-01-19 | 四川大学 | Method for controlling storage and access of security file system |
| CN101751536A (en) * | 2009-12-16 | 2010-06-23 | 深圳市虹安信息技术有限公司 | Transparent file encryption method for increasing file header |
| CN102609667A (en) * | 2012-02-22 | 2012-07-25 | 浙江机电职业技术学院 | Automatic file encryption and decryption system and automatic file encryption and decryption method based on filter drive program |
| CN103218575A (en) * | 2013-04-17 | 2013-07-24 | 武汉元昊科技有限公司 | Host file security monitoring method |
| CN103617401A (en) * | 2013-11-25 | 2014-03-05 | 北京深思数盾科技有限公司 | Method and device for protecting data files |
| US20140089684A1 (en) * | 2011-08-15 | 2014-03-27 | Huawei Device Co., Ltd. | Method and apparatus for protecting file |
| CN106060003A (en) * | 2016-05-09 | 2016-10-26 | 北京航天数控系统有限公司 | Network boundary unidirectional isolated transmission device |
| CN107516045A (en) * | 2016-06-17 | 2017-12-26 | 中兴通讯股份有限公司 | Document protection method and device |
| CN110166451A (en) * | 2019-05-20 | 2019-08-23 | 北京计算机技术及应用研究所 | A kind of lightweight electronic document transmitting control system and method |
| CN110990851A (en) * | 2019-11-26 | 2020-04-10 | 山东三未信安信息科技有限公司 | Static data encryption protection method and system |
| CN111143291A (en) * | 2019-11-19 | 2020-05-12 | 厦门天锐科技股份有限公司 | Encrypted file searching method and device and electronic equipment |
| CN111324901A (en) * | 2020-02-19 | 2020-06-23 | 陈灿阳 | Method for creating and decrypting enterprise security encrypted file |
| CN112966284A (en) * | 2021-03-26 | 2021-06-15 | 知印信息技术(天津)有限公司 | File encryption and decryption method and system and computer readable storage medium |
-
2021
- 2021-09-18 CN CN202111111464.6A patent/CN113792319A/en active Pending
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1567255A (en) * | 2003-09-02 | 2005-01-19 | 四川大学 | Method for controlling storage and access of security file system |
| CN101751536A (en) * | 2009-12-16 | 2010-06-23 | 深圳市虹安信息技术有限公司 | Transparent file encryption method for increasing file header |
| US20140089684A1 (en) * | 2011-08-15 | 2014-03-27 | Huawei Device Co., Ltd. | Method and apparatus for protecting file |
| CN102609667A (en) * | 2012-02-22 | 2012-07-25 | 浙江机电职业技术学院 | Automatic file encryption and decryption system and automatic file encryption and decryption method based on filter drive program |
| CN103218575A (en) * | 2013-04-17 | 2013-07-24 | 武汉元昊科技有限公司 | Host file security monitoring method |
| CN103617401A (en) * | 2013-11-25 | 2014-03-05 | 北京深思数盾科技有限公司 | Method and device for protecting data files |
| CN106060003A (en) * | 2016-05-09 | 2016-10-26 | 北京航天数控系统有限公司 | Network boundary unidirectional isolated transmission device |
| CN107516045A (en) * | 2016-06-17 | 2017-12-26 | 中兴通讯股份有限公司 | Document protection method and device |
| CN110166451A (en) * | 2019-05-20 | 2019-08-23 | 北京计算机技术及应用研究所 | A kind of lightweight electronic document transmitting control system and method |
| CN111143291A (en) * | 2019-11-19 | 2020-05-12 | 厦门天锐科技股份有限公司 | Encrypted file searching method and device and electronic equipment |
| CN110990851A (en) * | 2019-11-26 | 2020-04-10 | 山东三未信安信息科技有限公司 | Static data encryption protection method and system |
| CN111324901A (en) * | 2020-02-19 | 2020-06-23 | 陈灿阳 | Method for creating and decrypting enterprise security encrypted file |
| CN112966284A (en) * | 2021-03-26 | 2021-06-15 | 知印信息技术(天津)有限公司 | File encryption and decryption method and system and computer readable storage medium |
Non-Patent Citations (1)
| Title |
|---|
| "《数字版权保护技术研发工程 专利检索与分析》", 31 December 2016, 中国数据出版社, pages: 421 - 422 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2023178792A1 (en) * | 2022-03-24 | 2023-09-28 | 平安科技(深圳)有限公司 | Ciphertext data storage method and apparatus, and device and storage medium |
| CN116150786A (en) * | 2023-01-10 | 2023-05-23 | 深圳技术大学 | USB flash disk file encryption system based on instruction key self-setting |
| CN116150786B (en) * | 2023-01-10 | 2023-11-28 | 深圳技术大学 | USB flash disk file encryption system based on instruction key self-setting |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9843594B1 (en) | Systems and methods for detecting anomalous messages in automobile networks | |
| US8108536B1 (en) | Systems and methods for determining the trustworthiness of a server in a streaming environment | |
| US10135830B2 (en) | Utilizing transport layer security (TLS) fingerprints to determine agents and operating systems | |
| US9270467B1 (en) | Systems and methods for trust propagation of signed files across devices | |
| CN113792319A (en) | File encryption method and device, storage medium and electronic equipment | |
| CN113704781B (en) | File secure transmission method and device, electronic equipment and computer storage medium | |
| CN111291339A (en) | Processing method, device and equipment of block chain data and storage medium | |
| CN111143808B (en) | System security authentication method and device, computing equipment and storage medium | |
| CN110837635A (en) | Method, device, equipment and storage medium for equipment verification | |
| US11743133B2 (en) | Automatic anomaly detection | |
| CN111585995A (en) | Method and device for transmitting and processing safety wind control information, computer equipment and storage medium | |
| CN110633074A (en) | Use control method and device of software development kit | |
| CN113285945B (en) | Communication security monitoring method, device, equipment and storage medium | |
| CN114615031A (en) | File storage method and device, electronic equipment and storage medium | |
| CN109522683A (en) | Software source tracing method, system, computer equipment and storage medium | |
| CN115618316A (en) | Fingerprint collision determination method and device, storage medium and electronic equipment | |
| CN112825093B (en) | Security baseline checking method, host, server, electronic device and storage medium | |
| CN114884714A (en) | Task processing method, device, equipment and storage medium | |
| CN112883397A (en) | Data storage method, data reading method, device, equipment and storage medium | |
| CN113989177A (en) | Image data processing method, device, equipment and storage medium | |
| CN112579255B (en) | Compression protection method for virtual machine migration, migration-in migration-out accelerator module and SOC chip | |
| CN117195297B (en) | ERP-based data security and privacy protection system and method | |
| US10063348B2 (en) | Retransmission data processing device, retransmission data communication device, retransmission data communication system, retransmission data processing method, retransmission data communication method, and non-transitory computer readable medium for detecting abnormality by comparing retransmission data to transmission data | |
| CN114710354B (en) | Abnormal event detection method and device, storage medium and electronic equipment | |
| US20240089270A1 (en) | Detecting malicious behavior from handshake protocols using machine learning |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |