CN113923012A - Fingerprint generation method and tamper-proof method for client device - Google Patents
Fingerprint generation method and tamper-proof method for client device Download PDFInfo
- Publication number
- CN113923012A CN113923012A CN202111165563.2A CN202111165563A CN113923012A CN 113923012 A CN113923012 A CN 113923012A CN 202111165563 A CN202111165563 A CN 202111165563A CN 113923012 A CN113923012 A CN 113923012A
- Authority
- CN
- China
- Prior art keywords
- fingerprint
- client device
- storage
- hardware
- fingerprints
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 57
- 238000004891 communication Methods 0.000 claims abstract description 23
- 238000000605 extraction Methods 0.000 claims description 31
- 238000004590 computer program Methods 0.000 claims description 10
- 230000001172 regenerating effect Effects 0.000 claims description 6
- 238000012544 monitoring process Methods 0.000 claims description 4
- 238000003491 array Methods 0.000 claims description 3
- 230000000977 initiatory effect Effects 0.000 claims description 2
- 230000004931 aggregating effect Effects 0.000 claims 1
- 230000006870 function Effects 0.000 description 11
- 238000010586 diagram Methods 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 3
- 230000006399 behavior Effects 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/73—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
- H04L69/163—In-band adaptation of TCP data exchange; In-band control procedures
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Power Engineering (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a fingerprint generation method and an anti-tampering method of client equipment in the technical field of equipment safety, which comprises the following steps: starting communication connection between the client device and the server, and acquiring hardware information of the client device according to a communication interface of the client device; sending the hardware information to a server, and eliminating external interference information of the hardware information to obtain hardware processing information; summarizing hardware processing information in a structural body form to obtain a hardware information set, and generating a character string array II from the hardware information set through a Hash function to obtain a fingerprint of the client device; the device fingerprint is written into the registry and the hard disk database of the client device and is sent to the database of the server side for storage, the storage fingerprint is formed, the device fingerprint identification method has the advantage of identifying marks for users, and the bottleneck of accurate fingerprint locking for the client device is broken through.
Description
Technical Field
The invention relates to the technical field of equipment safety, in particular to a fingerprint generation method and an anti-tampering method of client equipment.
Background
At present, the network security industry is concerned and supported by all parties, but the security problem is getting more serious, and locking the identity of an attacker and binding the fingerprint of the attacker are hot contents at present, wherein the means are endless, but the accuracy cannot be guaranteed, once the attacker uses the disguising means, the identity of the attacker can be lost, and the purpose that the attacker can be locked again even if the attacker reloads the computer cannot be achieved.
In the field of paid software, many legal manufacturers can make various anti-piracy measures such as disassembling, inserting dark piles and the like on the paid software, but the final effect is not satisfactory without exception, and the ability of protecting the legal software cannot be achieved.
Disclosure of Invention
Aiming at the defects in the prior art, the invention provides a fingerprint generation method and an anti-tampering method for client equipment, which have the advantages of identifying and marking a user and break through the bottleneck of accurate fingerprint locking for the client equipment.
In order to solve the technical problem, the invention is solved by the following technical scheme:
a fingerprint generation method of a client device, comprising the steps of:
starting communication connection between client equipment and a server, and acquiring hardware information of the client equipment according to a communication interface of the client equipment;
sending the hardware information to a server, and eliminating external interference information of the hardware information to obtain hardware processing information;
summarizing hardware processing information in a structural body form to obtain a hardware information set, and generating a character string array II from the hardware information set through a Hash function to obtain a fingerprint of the client device;
and writing the fingerprint into a registry and a hard disk database of the client equipment, and sending the fingerprint to a database of the server for storage to form a storage fingerprint.
Optionally, the initiating the communication connection between the client device and the server includes the following steps:
running the client equipment, loading the connection of the server through an application program interface, and sending a TCP packet to the server;
when a monitoring port of a server side receives the TCP packet, verifying a communication request in the TCP packet;
and after the server successfully verifies the communication request, sending a back display of successful communication connection to the client equipment.
Optionally, the summarizing the hardware processing information in the form of a structural body to obtain a hardware information set includes the following steps:
acquiring a hardware list and a data type set corresponding to the hardware list according to the hardware processing information;
and the hardware lists correspond to the data type sets one by one to form a hardware information set.
Optionally, the generating a second character string array from the hardware information set through a hash function to obtain the fingerprint of the client device includes the following steps:
according to the data type set, sequentially obtaining sub-character strings corresponding to all data types of the data type set, and combining the sub-character strings through a hash function to form a character string array I;
and sequentially combining all the character string arrays I according to the sequence of the hardware list to obtain a character string array II, and forming the fingerprint.
Optionally, the external interference information is information of external hardware connected to the client device through a USB interface.
A fingerprint tamper-proofing method for a client device, comprising the fingerprint generation method for a client device according to any one of the above, further comprising the steps of:
extracting the storage fingerprints in the registry and the hard disk data, and obtaining extraction conditions, wherein the extraction conditions comprise that the storage fingerprints are simultaneously extracted, the storage fingerprints cannot be simultaneously extracted, and a group of storage fingerprints are extracted;
according to the extraction condition, marking the user using the client device, wherein the types of the marks comprise suspicious users and non-suspicious users;
when the user is marked as a suspicious user, regenerating a storage fingerprint according to the client equipment and writing the storage fingerprint into a registry and a hard disk database;
and when the user is marked as a non-suspicious user, judging whether to regenerate the storage fingerprint according to the extraction condition and writing the storage fingerprint into the registry and the hard disk database.
Optionally, marking a user using the client device according to the extraction condition includes the following steps:
when the extraction condition is that a group of stored fingerprints are extracted, marking the user of the client device as a suspicious user;
when the extraction condition is that the stored fingerprints cannot be extracted at the same time, marking the user of the client device as a non-suspicious user;
and when the extraction condition is that the storage fingerprints are extracted simultaneously, comparing the two groups of storage fingerprints, if the two groups of storage fingerprints are the same, marking as a non-suspicious user, and if the two groups of storage fingerprints are not the same, marking as a suspicious user.
Optionally, when the user is marked as a non-suspicious user, determining whether to regenerate the storage fingerprint and write the storage fingerprint into the registry and the hard disk database according to the extraction condition, including the following steps:
when the extraction condition is that the stored fingerprints are extracted at the same time, the stored fingerprints are not generated again, and the extracted stored fingerprints are continuously stored;
and when the extraction condition is that the stored fingerprint cannot be extracted at the same time, regenerating the stored fingerprint and writing the regenerated stored fingerprint into the registry and the hard disk database.
A fingerprint generation and tamper-proofing system of a client device, comprising a processor and a storage medium, wherein the storage medium stores therein a fingerprint generation method of the client device and a fingerprint tamper-proofing method of the client device, which are executed by the system.
A computer-readable storage medium storing a computer program which, when executed by a processor, performs the fingerprint generation method of a client device described in any one of the above and the fingerprint tamper-proofing method of a client device described in any one of the above.
Compared with the prior art, the technical scheme provided by the invention has the following beneficial effects:
the unique fingerprint of the client equipment is obtained by collecting the hardware information on the client equipment and integrating the hardware information, so that the client equipment is locked, fingerprint generation can be carried out again even if the system of the client equipment is reinstalled, meanwhile, the fingerprint is written into a registry and a hard disk database to identify a suspicious user, a suspicious list after the system is reinstalled in a suspicious mode is prevented, and the fingerprint of the client equipment can be regenerated after the suspicious user is marked as a key monitoring target after modifying or deleting the fingerprint in a multipoint fingerprint storage mode.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flowchart of a fingerprint generation method of a client device and a fingerprint generation method of a tamper-proof method according to an embodiment of the present invention;
fig. 2 is a flowchart of a fingerprint tamper-proofing method of a fingerprint generation method and a tamper-proofing method of a client device according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to examples, which are illustrative of the present invention and are not to be construed as being limited thereto.
Example one
As shown in fig. 1, a fingerprint generation method of a client device includes the following steps: starting the communication connection between the client device and the server, wherein the communication connection between the client device and the server is started, and the method comprises the following steps: running the client equipment, loading the connection of the server through an application program interface, and sending a TCP packet to the server; when a monitoring port of a server side receives a TCP packet, verifying a communication request in the TCP packet; and after the server successfully verifies the communication request, sending a response that the communication connection is successful to the client equipment.
The client device operates by loading the connection to the server through the WinSock2 interface of the Windows API, and sending a TCP packet to the server, wherein the server keeps a starting state all the time and opens a corresponding port to wait for the client connection, when the server receives the TCP packet, the two parties enter a communication establishing stage, and when the server verifies that the communication request is successful, the server sends a playback, wherein the playback content comprises the IP address information and the connection success prompt information of the client device and the server, and the client device described in the invention is a hardware device using the Windows operating system.
According to a communication interface of the client device, hardware information of the client device is obtained, where the hardware information described in this embodiment refers to information written by manufacturers carried by hardware such as a CPU, a BIOS, a motherboard, an IDE controller, and a physical machine interface.
Sending the hardware information to a server, and removing external interference information of the hardware information to obtain hardware processing information, wherein the external interference information is information of external hardware connected to the client device through a USB interface, for example, hardware information obtained by hardware connected to the client device through the USB interface, such as a USB disk, an external hard disk, and the like.
The method for summarizing the hardware processing information in the form of a structural body to obtain a hardware information set comprises the following steps: acquiring a hardware list and a data type set corresponding to the hardware list according to the hardware processing information; and the hardware lists correspond to the data type sets one by one to form a hardware information set.
The hardware list includes hardware such as a CPU, a BIOS, a motherboard, an IDE controller, a physical machine interface, and the like, where, taking the motherboard as an example, a data type set corresponding to the motherboard includes a manufacturer, a motherboard name, a first power-on time, and a motherboard serial number, so as to obtain a set [ motherboard, manufacturer/motherboard name/first power-on time/motherboard serial number ], and if the hardware is the CPU, a set [ CPU, xx/xxx/xx.. xxxxx ] in the same format is generated, and a hardware information set is obtained according to the hardware list.
Generating a character string array II from the hardware information set through a hash function to obtain the fingerprint of the client device, wherein the method comprises the following steps: according to the data type set, sequentially obtaining sub-character strings corresponding to all data types of the data type set, and combining the sub-character strings through a hash function to form a character string array I; and according to the sequence of the hardware list, sequentially combining all the character string arrays I to obtain a character string array II, and forming the fingerprint.
Similarly, taking the motherboard as an example, if the motherboard information is Manufacturer ═ lenoov; name 8JCN23 WW; ReleaseDate 20180525000000.000000+ 000; the SerialNumber is PF189X8W, the substring corresponding to the Manufacturer is Manufacturer ═ lenoov, the substring corresponding to the motherboard Name is Name ═ 8JCN23WW, the substring corresponding to the first power-on time is ReleaseDate ═ 20180525000000.000000+000, the substring corresponding to the motherboard serial number is SerialNumber ═ PF189X8W, then all the substrings are combined by a hash function, and the punctuation marks and spaces are deleted, so that a first character string array of the motherboard is "Manufacturer ═ lenovame ═ 8JCN23WWReleaseDate ═ 20180525000000.000000+000SerialNumber ═ PF189X 8W", when all the hardware obtains a first character string array, each hardware is sequentially combined according to the sequence of the hardware list, so that a first character string array is obtained as a second character string, and the first character string is sequentially combined as the fingerprint client device.
The fingerprint is written into a registry and a hard disk database of the client device and is sent to a database of the server for storage to form a storage fingerprint, so that the client device has uniqueness through the storage fingerprint, and the client device is locked through the fingerprint.
Example two
As shown in fig. 2, a fingerprint tamper-proofing method for a client device includes the fingerprint generation method for a client device in any one of the above methods, and further includes the following steps: and extracting the storage fingerprints in the registry and the hard disk data, and obtaining extraction conditions, wherein the extraction conditions comprise that the storage fingerprints are simultaneously extracted, the storage fingerprints cannot be simultaneously extracted, and a group of storage fingerprints are extracted.
According to the extraction situation, marking the user using the client device, wherein the type of the mark comprises a suspicious user and a non-suspicious user, and the method comprises the following steps: when the extraction condition is that a group of stored fingerprints are extracted, marking the user of the client device as a suspicious user; when the extraction condition is that the stored fingerprints cannot be extracted at the same time, marking the user of the client device as a non-suspicious user; and when the extraction condition is that the storage fingerprints are extracted simultaneously, comparing the two groups of storage fingerprints, if the two groups of storage fingerprints are the same, marking as a non-suspicious user, and if the two groups of storage fingerprints are not the same, marking as a suspicious user.
When the user is marked as a suspicious user, the storage fingerprint is regenerated according to the client device and written into the registry and the hard disk database, and the method comprises the following steps: when the extraction condition is that the stored fingerprints are extracted at the same time, the stored fingerprints are not generated again, and the extracted stored fingerprints are continuously stored; and when the extraction condition is that the stored fingerprint cannot be extracted at the same time, regenerating the stored fingerprint and writing the regenerated stored fingerprint into the registry and the hard disk database.
And when the user is marked as a non-suspicious user, judging whether to regenerate the storage fingerprint according to the extraction condition and writing the storage fingerprint into the registry and the hard disk database.
The method for regenerating the storage fingerprint in this embodiment is the method described in the first embodiment, and because the user has behaviors such as disassembling and inserting a stub to avoid payment if the user needs to use the payment software in the client device, and the behaviors inevitably need to be performed after the user modifies the storage fingerprint of the client, the user is marked to identify whether the user is a suspicious user by means of uniqueness of the fingerprint of the client device and multipoint storage of the fingerprint, and the fingerprint is regenerated for the suspicious user to prevent the user from being tampered, so that the purpose of preventing the suspicious user from escaping the payment program to use the payment software is achieved.
A fingerprint generation and tamper-proofing system of a client device comprises a processor and a storage medium, wherein the storage system executes the fingerprint generation method of the client device and the fingerprint tamper-proofing method of the client device.
A computer-readable storage medium storing a computer program which, when executed by a processor, executes a fingerprint generation method of a client device of any one of the above and a fingerprint tamper-proofing method of a client device of any one of the above.
More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wire segments, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless section, wire section, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described device embodiments are merely illustrative, and for example, the division of the modules, or units is only one type of division of logical functions, and there may be other divisions in actual implementation, for example, multiple units, modules, or components may be combined or integrated into another device, or some features may be omitted, or not executed.
The units may or may not be physically separate, and components displayed as units may be one physical unit or a plurality of physical units, that is, may be located in one place, or may be distributed in a plurality of different places. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication section, and/or installed from a removable medium. The computer program, when executed by a Central Processing Unit (CPU), performs the above-described functions defined in the method of the present application. It should be noted that the computer readable medium mentioned above in the present application may be a computer readable signal medium or a computer readable storage medium or any combination of the two. The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The above description is only an embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions within the technical scope of the present invention are intended to be covered by the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (10)
1. A fingerprint generation method of a client device, comprising the steps of:
starting communication connection between client equipment and a server, and acquiring hardware information of the client equipment according to a communication interface of the client equipment;
sending the hardware information to a server, and eliminating external interference information of the hardware information to obtain hardware processing information;
summarizing hardware processing information in a structural body form to obtain a hardware information set, and generating a character string array II from the hardware information set through a Hash function to obtain a fingerprint of the client device;
and writing the fingerprint into a registry and a hard disk database of the client equipment, and sending the fingerprint to a database of the server for storage to form a storage fingerprint.
2. The fingerprint generation method of the client device according to claim 1, wherein the initiating of the communication connection between the client device and the server comprises the following steps:
running the client equipment, loading the connection of the server through an application program interface, and sending a TCP packet to the server;
when a monitoring port of a server side receives the TCP packet, verifying a communication request in the TCP packet;
and after the server successfully verifies the communication request, sending a back display of successful communication connection to the client equipment.
3. The fingerprint generation method of a client device according to claim 1, wherein the aggregating hardware processing information in the form of a structure body to obtain a hardware information set comprises the following steps:
acquiring a hardware list and a data type set corresponding to the hardware list according to the hardware processing information;
and the hardware lists correspond to the data type sets one by one to form a hardware information set.
4. The fingerprint generation method of the client device according to claim 3, wherein the generating a string array two from the hardware information set by the hash function to obtain the fingerprint of the client device comprises the following steps:
according to the data type set, sequentially obtaining sub-character strings corresponding to all data types of the data type set, and combining the sub-character strings through a hash function to form a character string array I;
and sequentially combining all the character string arrays I according to the sequence of the hardware list to obtain a character string array II, and forming the fingerprint.
5. The fingerprint generation method for a client device according to claim 1, wherein the external interference information is information of an external hardware connected to the client device through a USB interface.
6. A fingerprint tamper-proofing method for a client device, comprising the fingerprint generation method for a client device according to any one of claims 1 to 5, further comprising the steps of:
extracting the storage fingerprints in the registry and the hard disk data, and obtaining extraction conditions, wherein the extraction conditions comprise that the storage fingerprints are simultaneously extracted, the storage fingerprints cannot be simultaneously extracted, and a group of storage fingerprints are extracted;
according to the extraction condition, marking the user using the client device, wherein the types of the marks comprise suspicious users and non-suspicious users;
when the user is marked as a suspicious user, regenerating a storage fingerprint according to the client equipment and writing the storage fingerprint into a registry and a hard disk database;
and when the user is marked as a non-suspicious user, judging whether to regenerate the storage fingerprint according to the extraction condition and writing the storage fingerprint into the registry and the hard disk database.
7. The fingerprint tamper-proofing method of the client device according to claim 6, wherein the user using the client device is marked according to the extraction condition, comprising the following steps:
when the extraction condition is that a group of stored fingerprints are extracted, marking the user of the client device as a suspicious user;
when the extraction condition is that the stored fingerprints cannot be extracted at the same time, marking the user of the client device as a non-suspicious user;
and when the extraction condition is that the storage fingerprints are extracted simultaneously, comparing the two groups of storage fingerprints, if the two groups of storage fingerprints are the same, marking as a non-suspicious user, and if the two groups of storage fingerprints are not the same, marking as a suspicious user.
8. The fingerprint tamper-proofing method of the client device according to claim 6, when the user is marked as a non-suspicious user, determining whether to regenerate the stored fingerprint and write the fingerprint into the registry and the hard disk database according to the extraction condition, comprising the steps of:
when the extraction condition is that the stored fingerprints are extracted at the same time, the stored fingerprints are not generated again, and the extracted stored fingerprints are continuously stored;
and when the extraction condition is that the stored fingerprint cannot be extracted at the same time, regenerating the stored fingerprint and writing the regenerated stored fingerprint into the registry and the hard disk database.
9. A fingerprint generation and tamper-proofing system of a client device, comprising a processor and a storage medium in which the system is stored, the fingerprint generation method of the client device according to any one of claims 1 to 5 and the fingerprint tamper-proofing method of the client device according to any one of claims 6 to 8 being performed.
10. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, performs the fingerprint generation method of a client device according to any one of claims 1 to 5 and the fingerprint tamper-proofing method of a client device according to any one of claims 6 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111165563.2A CN113923012B (en) | 2021-09-30 | 2021-09-30 | Fingerprint generation method and tamper-proof method of client device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111165563.2A CN113923012B (en) | 2021-09-30 | 2021-09-30 | Fingerprint generation method and tamper-proof method of client device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113923012A true CN113923012A (en) | 2022-01-11 |
| CN113923012B CN113923012B (en) | 2024-01-26 |
Family
ID=79237921
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111165563.2A Active CN113923012B (en) | 2021-09-30 | 2021-09-30 | Fingerprint generation method and tamper-proof method of client device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113923012B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101610281A (en) * | 2008-06-19 | 2009-12-23 | 华为技术有限公司 | A kind of data fingerprint store method and device |
| CN201717891U (en) * | 2010-07-07 | 2011-01-19 | 中国工商银行股份有限公司 | Safety certification system |
| CN106952096A (en) * | 2017-03-03 | 2017-07-14 | 中国工商银行股份有限公司 | Security certification system, method and the credible identifying device of client of client device |
| CN108364022A (en) * | 2018-02-09 | 2018-08-03 | 杭州默安科技有限公司 | The browser-cross device identification method of fingerprint similarity is analyzed based on machine learning |
| US20180324153A1 (en) * | 2017-05-08 | 2018-11-08 | Salesforce.Com, Inc. | Client fingerprinting for information system security |
| CN111818514A (en) * | 2020-08-28 | 2020-10-23 | 北京智慧易科技有限公司 | Privacy security equipment identifier generation method, device and system |
-
2021
- 2021-09-30 CN CN202111165563.2A patent/CN113923012B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101610281A (en) * | 2008-06-19 | 2009-12-23 | 华为技术有限公司 | A kind of data fingerprint store method and device |
| CN201717891U (en) * | 2010-07-07 | 2011-01-19 | 中国工商银行股份有限公司 | Safety certification system |
| CN106952096A (en) * | 2017-03-03 | 2017-07-14 | 中国工商银行股份有限公司 | Security certification system, method and the credible identifying device of client of client device |
| US20180324153A1 (en) * | 2017-05-08 | 2018-11-08 | Salesforce.Com, Inc. | Client fingerprinting for information system security |
| CN108364022A (en) * | 2018-02-09 | 2018-08-03 | 杭州默安科技有限公司 | The browser-cross device identification method of fingerprint similarity is analyzed based on machine learning |
| CN111818514A (en) * | 2020-08-28 | 2020-10-23 | 北京智慧易科技有限公司 | Privacy security equipment identifier generation method, device and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113923012B (en) | 2024-01-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10235524B2 (en) | Methods and apparatus for identifying and removing malicious applications | |
| US9270467B1 (en) | Systems and methods for trust propagation of signed files across devices | |
| US9239922B1 (en) | Document exploit detection using baseline comparison | |
| US20190138716A1 (en) | Identifying Internet of Things Network Anomalies Using Group Attestation | |
| EP2946328A1 (en) | System for and a method of cognitive behavior recognition | |
| CN111262701A (en) | Replay attack detection method, system, equipment and storage medium | |
| CN109344611B (en) | Application access control method, terminal equipment and medium | |
| CN109614203B (en) | Android application cloud data evidence obtaining and analyzing system and method based on application data simulation | |
| CN112685771A (en) | Log desensitization method, device, equipment and storage medium | |
| CN109800571B (en) | Event processing method and device, storage medium and electronic device | |
| CN114417335A (en) | Malicious file detection method and device, electronic equipment and storage medium | |
| CN108156127B (en) | Network attack mode judging device, judging method and computer readable storage medium thereof | |
| CN109522683B (en) | Software tracing method, system, computer equipment and storage medium | |
| EP3113065B1 (en) | System and method of detecting malicious files on mobile devices | |
| CN108600259B (en) | Authentication and binding method of equipment, computer storage medium and server | |
| CN112182555A (en) | Weak password detection method, device, electronic apparatus, storage medium, and program | |
| US10931693B2 (en) | Computation apparatus and method for identifying attacks on a technical system on the basis of events of an event sequence | |
| CN113923012B (en) | Fingerprint generation method and tamper-proof method of client device | |
| CN110222508A (en) | Extort virus defense method, electronic equipment, system and medium | |
| CN109858289A (en) | The mobile storage device management method and device used suitable for corporate intranet | |
| CN109086624A (en) | login method and device | |
| CN114417349A (en) | Attack result determination method, device, electronic equipment and storage medium | |
| CN110572371B (en) | Identity uniqueness check control method based on HTML5 local storage mechanism | |
| CN113987435A (en) | Illegal copyright detection method and device, electronic equipment and storage medium | |
| CN108629197A (en) | File access control method and system for the integration environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 1st Floor, Building 3, No. 2616, Yuhangtang Road, Cangqian Street, Yuhang District, Hangzhou City, Zhejiang Province, 311100 Applicant after: HANGZHOU MOAN TECHNOLOGY CO.,LTD. Address before: 311100 10th floor, Block E, building 1, 1378 Wenyi West Road, Cangqian street, Yuhang District, Hangzhou City, Zhejiang Province Applicant before: HANGZHOU MOAN TECHNOLOGY CO.,LTD. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |