CN113987469B - Process protection method and device applied to vehicle machine system and electronic equipment - Google Patents

Publication number: CN113987469B
Authority: CN (China)
Legal status: Active
Application number: CN202111249127.3A
Other languages: Chinese (zh)
Other versions: CN113987469A (en)
Inventor: 彭洲
Current Assignee: Shanxi Dakun Zhilian Technology Co ltd
Original Assignee: Shanxi Dakun Zhilian Technology Co ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiments of the disclosure disclose a process protection method and device applied to a vehicle machine system, and electronic equipment. One embodiment of the method comprises: running a program corresponding to a first target program file; copying a target process; decrypting a second target program file through the target process; determining the section, in the second target program file, of the target data included in the first target program file; filling the target data into the section of the second target program file corresponding to the section location information included in the section information; loading and running a program corresponding to a third target program file; performing process monitoring on a first additional process; performing process monitoring on a second additional process; and in response to determining that a process exception exists in any of the target process, the first additional process and the second additional process, exiting the target process, the first additional process and the second additional process. The embodiment improves process protection efficiency and the safety of vehicle driving.

Description

Process protection method and device applied to vehicle machine system and electronic equipment
Technical Field
The embodiment of the disclosure relates to the technical field of computers, in particular to a process protection method and device applied to a vehicle machine system and electronic equipment.
Background
With the development of computer-related technologies, vehicle machine systems have gradually become more intelligent and easier to use. At present, commonly used vehicle machine systems are mainly based on the Linux system and the Android system. Compared with the Android system, the Linux system is an open source system, and is therefore more widely used in vehicle machine systems. To ensure the normal operation of the vehicle machine system, it is particularly necessary to protect the processes running in it. At present, when protecting processes running in a vehicle machine system, a commonly adopted method is to locate abnormal processes manually using process viewing commands (e.g., the who command, the ps command, etc.).
However, when the above-described manner is adopted, there are often technical problems as follows:
First, when the vehicle machine system is running, a large number of processes often run in the background, and locating abnormal processes manually results in low process protection efficiency.
Second, when a process is illegally tampered with and this is not discovered in time, the vehicle machine system may hang or suffer similar failures, which affects the driving safety of the vehicle.
Disclosure of Invention
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
Some embodiments of the present disclosure provide a process protection method and device applied to a vehicle machine system, and an electronic device, to solve one or more of the technical problems mentioned in the Background section above.
In a first aspect, some embodiments of the present disclosure provide a process protection method applied to a vehicle machine system, where the method includes: running a program corresponding to a first target program file to generate a target process; copying the target process to generate a first additional process, wherein the first additional process is used for performing process monitoring on the target process; decrypting a second target program file through the target process to generate a decrypted program file; determining, based on the decrypted program file, the section in the second target program file of the target data included in the first target program file, to generate section information, wherein the section information includes section location information; filling the target data into the section of the second target program file corresponding to the section location information included in the section information, to generate a third target program file; loading and running a program corresponding to the third target program file to generate a second additional process; performing process monitoring on the first additional process through the second additional process; performing process monitoring on the second additional process through the target process; and in response to determining that a process exception exists in any of the target process, the first additional process and the second additional process, exiting the target process, the first additional process and the second additional process.
Optionally, the first target program file is generated through the following steps: determining data in a target section contained in an initial program file as first candidate data information, wherein the target section is a section randomly selected from the section sequence contained in the initial program file; determining the section index and section size of the target section, and the section index and section size of at least one section adjacent to the target section in the section sequence, to generate a section identification information sequence; appending the section identification information sequence to the tail of the first candidate data information to generate second candidate data information; encrypting the second candidate data information to generate third candidate data information; and filling the third candidate data information into a preset program file to generate the first target program file.
Optionally, the decrypted program file includes file header information, and the section information further includes section size information; and the determining, based on the decrypted program file, the section in the second target program file of the target data included in the first target program file, to generate section information, includes: decrypting the file header information to generate decrypted file header information; determining section header information according to the decrypted file header information; determining, according to the section header information, the size of the section occupied in the second target program file by the target data included in the first target program file, to generate the section size information included in the section information; and determining, according to the section header information, the section position offset in the second target program file of the target data included in the first target program file, to generate the section location information included in the section information.
Optionally, the filling the target data into the section of the second target program file corresponding to the section location information included in the section information, to generate a third target program file, includes: in response to determining that the target data passes a data tampering check, filling the target data into a target storage space to generate the third target program file, wherein the target storage space is the storage space of the section in the second target program file corresponding to the section location information, and the size of the target storage space is consistent with the size of the storage space corresponding to the section size information.
Optionally, the exiting the target process, the first additional process and the second additional process includes: releasing the memory resources and the file resources occupied by the target process, the first additional process and the second additional process.
Optionally, before the filling the target data into the target storage space in response to determining that the target data passes the data tampering check, to generate the third target program file, the method further includes: performing a tampering check on the target data according to the section identification information sequence contained in the first target program file, to determine whether the target data passes the tampering check.
Optionally, the method further includes: in response to determining that the target process, the first additional process and the second additional process have exited successfully, sending an abnormal information set corresponding to the target process, the first additional process and the second additional process to a target terminal.
In a second aspect, some embodiments of the present disclosure provide a process protection device applied to a vehicle machine system, where the process protection device includes: a running unit configured to run a program corresponding to a first target program file to generate a target process; a copying unit configured to copy the target process to generate a first additional process, wherein the first additional process is used for performing process monitoring on the target process; a decryption processing unit configured to decrypt a second target program file through the target process to generate a decrypted program file; a determining unit configured to determine, based on the decrypted program file, the section in the second target program file of the target data included in the first target program file, to generate section information, wherein the section information includes section location information; a filling unit configured to fill the target data into the section of the second target program file corresponding to the section location information included in the section information, to generate a third target program file; a loading unit configured to load and run a program corresponding to the third target program file to generate a second additional process; a first process monitoring unit configured to perform process monitoring on the first additional process through the second additional process; a second process monitoring unit configured to perform process monitoring on the second additional process through the target process; and an exit unit configured to exit the target process, the first additional process and the second additional process in response to determining that a process exception exists in any of the target process, the first additional process and the second additional process.
Optionally, the first target program file is generated by: determining data in a target section contained in an initial program file as first candidate data information, wherein the target section is a section randomly selected from the section sequence contained in the initial program file; determining the section index and section size of the target section, and the section index and section size of at least one section adjacent to the target section in the section sequence, to generate a section identification information sequence; appending the section identification information sequence to the tail of the first candidate data information to generate second candidate data information; encrypting the second candidate data information to generate third candidate data information; and filling the third candidate data information into a preset program file to generate the first target program file.
Optionally, the decrypted program file includes file header information, the section information further includes section size information, and the determining unit is further configured to: decrypt the file header information to generate decrypted file header information; determine section header information according to the decrypted file header information; determine, according to the section header information, the size of the section occupied in the second target program file by the target data included in the first target program file, to generate the section size information included in the section information; and determine, according to the section header information, the section position offset in the second target program file of the target data included in the first target program file, to generate the section location information included in the section information.
Optionally, the filling unit is further configured to: in response to determining that the target data passes a data tampering check, fill the target data into a target storage space to generate the third target program file, wherein the target storage space is the storage space of the section in the second target program file corresponding to the section location information, and the size of the target storage space is consistent with the size of the storage space corresponding to the section size information.
Optionally, the exit unit is further configured to: release the memory resources and the file resources occupied by the target process, the first additional process and the second additional process.
Optionally, before the filling the target data into the target storage space in response to determining that the target data passes the data tampering check, to generate the third target program file, the apparatus is further configured to: perform a tampering check on the target data according to the section identification information sequence contained in the first target program file, to determine whether the target data passes the tampering check.
Optionally, the apparatus is further configured to: in response to determining that the target process, the first additional process and the second additional process have exited successfully, send an abnormal information set corresponding to the target process, the first additional process and the second additional process to a target terminal.
In a third aspect, some embodiments of the present disclosure provide an electronic device, comprising: one or more processors; a storage device having one or more programs stored thereon, which when executed by one or more processors, cause the one or more processors to implement the method described in any of the implementations of the first aspect.
In a fourth aspect, some embodiments of the present disclosure provide a computer readable medium on which a computer program is stored, wherein the program, when executed by a processor, implements the method described in any of the implementations of the first aspect.
The above embodiments of the present disclosure have the following advantages: the process protection method applied to the vehicle machine system of some embodiments improves process protection efficiency and vehicle driving safety. Specifically, the reasons for low process protection efficiency and low vehicle driving safety are as follows: locating abnormal processes manually makes process protection inefficient; in addition, when a process is tampered with and this is not discovered in time, the vehicle machine system may hang, which affects the safety of vehicle driving. Based on this, in the process protection method applied to the vehicle machine system of some embodiments of the present disclosure, first, a program corresponding to the first target program file is run to generate a target process. Since program files are static resources, a corresponding process needs to be created when the program is to be run. Next, the target process is copied to generate a first additional process, wherein the first additional process is used for performing process monitoring on the target process. By creating the first additional process and attaching it to the target process, monitoring of the target process is realized. Then, the second target program file is decrypted through the target process to generate a decrypted program file. To ensure the security of a file, the program file often needs to be encrypted; therefore, the file usually has to be decrypted when it is used. Further, based on the decrypted program file, the section in the second target program file of the target data included in the first target program file is determined to generate section information, where the section information includes section location information.
In addition, the target data is filled into the section of the second target program file corresponding to the section location information included in the section information, so that a third target program file is generated. By splitting the program file into the first target program file and the second target program file, the program file is stored in separate parts when it is not being called, which ensures the safety of the program. Then, process monitoring is performed on the first additional process through the second additional process, and process monitoring is performed on the second additional process through the target process. This creates a circular monitoring mechanism: the target process monitors the second additional process, the first additional process monitors the target process, and the second additional process monitors the first additional process. As a result, tampering with any one process by a tamperer is detected by another process. Finally, in response to determining that a process exception exists in any of the target process, the first additional process and the second additional process, the target process, the first additional process and the second additional process are exited. When any process is tampered with, all processes exit; in this way, abnormal processes are monitored automatically and process protection efficiency is improved. In addition, the abnormal process exits in time, which avoids its influence on the stability of the vehicle machine system and thereby ensures the driving safety of the vehicle.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that elements and elements are not necessarily drawn to scale.
Fig. 1 is a schematic diagram of an application scenario of a process protection method applied to a vehicle machine system according to some embodiments of the present disclosure;
Fig. 2 is a flow diagram of some embodiments of a process protection method applied to a vehicle machine system according to the present disclosure;
Fig. 3 is a flow diagram of further embodiments of a process protection method applied to a vehicle machine system according to the present disclosure;
Fig. 4 is a schematic structural diagram of some embodiments of a process protection device applied to a vehicle machine system according to the present disclosure;
Fig. 5 is a schematic structural diagram of an electronic device suitable for use in implementing some embodiments of the present disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it is to be understood that the disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.
It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings. The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence relationship of the functions performed by the devices, modules or units.
It is noted that references to "a", "an", and "the" modifications in this disclosure are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that "one or more" may be used unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 is a schematic diagram of an application scenario of a process protection method applied to a vehicle machine system according to some embodiments of the present disclosure.
In the application scenario of Fig. 1, first, the computing device 101 may run a program corresponding to the first target program file 102 to generate a target process 103; secondly, the computing device 101 may copy the target process 103 to generate a first additional process 104, where the first additional process 104 is configured to perform process monitoring on the target process 103; next, the computing device 101 may decrypt the second target program file 105 through the target process 103 to generate a decrypted program file 106; further, the computing device 101 may determine, based on the decrypted program file 106, the section in the second target program file 105 of the target data 107 included in the first target program file 102, to generate section information 108, where the section information 108 includes section location information; furthermore, the computing device 101 may fill the target data 107 into the section of the second target program file 105 corresponding to the section location information included in the section information 108, to generate a third target program file 109; then, the computing device 101 may load and run a program corresponding to the third target program file 109 to generate a second additional process 110; in addition, the computing device 101 may perform process monitoring on the first additional process 104 through the second additional process 110; then, the computing device 101 may perform process monitoring on the second additional process 110 through the target process 103; finally, the computing device 101 may, in response to determining that a process exception exists in any of the target process 103, the first additional process 104 and the second additional process 110, exit the target process 103, the first additional process 104 and the second additional process 110.
The computing device 101 may be hardware or software. When the computing device is hardware, it may be implemented as a distributed cluster composed of multiple servers or terminal devices, or may be implemented as a single server or a single terminal device. When the computing device is embodied as software, it may be installed in the hardware devices enumerated above. It may be implemented, for example, as multiple software or software modules to provide distributed services, or as a single software or software module. And is not particularly limited herein.
It should be understood that the number of computing devices in FIG. 1 is merely illustrative. There may be any number of computing devices, as implementation needs dictate.
With continued reference to Fig. 2, a flow 200 of some embodiments of a process protection method applied to a vehicle machine system according to the present disclosure is shown. The process protection method applied to the vehicle machine system includes the following steps:
Step 201, running a program corresponding to the first target program file to generate a target process.
In some embodiments, an execution subject (e.g., the computing device 101 shown in Fig. 1) of the process protection method applied to the vehicle machine system may run a program corresponding to the first target program file to generate a target process. The first target program file may be a part of the initial program file. The initial program file may be a program file to be run in the vehicle machine system. The file type of the initial program file may be the ELF (Executable and Linkable Format) file type. For example, the initial program file may be a program file corresponding to a function of "acquiring the vehicle oil temperature". The target process may be the process generated by the execution subject after the first target program file is loaded.
As an example, when the vehicle machine system is based on a Linux operating system, it may generate the target process through the exec() function. The execution subject may pass the file path of the first target program file as a parameter of the exec() function.
Step 202, copying the target process to generate a first additional process.
In some embodiments, the execution subject may copy the target process to generate the first additional process. The first additional process may be used to perform process monitoring on the target process. For example, the execution subject may copy the target process through the fork() function to generate the first additional process, and attach the first additional process to the target process. Under the Linux operating system's process mechanism, the target process can be copied multiple times through the fork() function, but only one attached process is allowed to be active at a time. Therefore, the first additional process is attached to the target process. Process attachment ensures that the target process cannot be debugged or otherwise manipulated by other users, which prevents the process from being tampered with. In addition, a process created by the fork() function is identical to the process being copied, so the process created by fork() can monitor the process being copied; that is, when the process being copied is tampered with, the tampering can be readily discovered by the process created by fork().
Step 203, decrypting the second target program file through the target process to generate a decrypted program file.
In some embodiments, the execution subject may decrypt the second target program file through the target process to generate the decrypted program file. The second target program file may be the part of the initial program file other than the first target program file. The decrypted program file may include information indicating the storage location of the target data included in the first target program file. The target data may be the program data that is missing from the second target program file. The execution subject may decrypt the second target program file using a target encryption/decryption algorithm to generate the decrypted program file. For example, the encryption/decryption algorithm may be the SM2 elliptic curve public key cryptographic algorithm, the AES (Advanced Encryption Standard) algorithm, or the DES (Data Encryption Standard) algorithm.
Step 204, determining, based on the decrypted program file, the section in the second target program file of the target data included in the first target program file, to generate section information.
In some embodiments, the execution subject may determine, based on the decrypted program file, the section in the second target program file of the target data included in the first target program file, to generate the section information. The section information may include section location information. The section location information may represent the section of the target data in the second target program file. The execution subject may generate the section information by determining the storage location of the program data missing from the second target program file.
Step 205, filling the target data into the section of the second target program file corresponding to the section location information included in the section information, to generate a third target program file.
In some embodiments, the execution subject may fill the target data into the section of the second target program file corresponding to the section location information included in the section information, to generate a third target program file. The execution subject may fill the target data into the position of the missing program data in the second target program file, to generate the third target program file.
Optionally, when the target data is encrypted, the execution subject may first decrypt the target data according to the encryption algorithm that was used to encrypt the original data corresponding to the target data. Then, the execution subject may fill the decrypted target data into the section of the second target program file corresponding to the section location information included in the section information, to generate the third target program file.
Step 206, loading and running the program corresponding to the third target program file to generate a second additional process.
In some embodiments, the execution subject may load and run the program corresponding to the third target program file to generate the second additional process. For example, the execution subject may generate the second additional process through an exec() function. For another example, the execution subject may generate the second additional process through the fork() function.
Step 207, performing process monitoring on the first additional process through the second additional process.
In some embodiments, the execution subject may perform process monitoring on the first additional process through the second additional process. For example, the execution subject may create the second additional process through the fork() function, and attach the second additional process to the first additional process, so as to implement monitoring of the second additional process. Under the Linux operating system process mechanism, the target process can be copied multiple times through the fork() function, but only one attached process is allowed to be in an active state. Therefore, the first additional process is attached to the target process. Process attachment ensures that the target process cannot be debugged or otherwise operated on by other users, which prevents the process from being tampered with. In addition, the process created by the fork() function is the same as the copied process, so the created process can monitor the copied process; that is, when the copied process is tampered with, the created process can readily detect the tampering.
Step 208, performing process monitoring on the second additional process through the target process.
In some embodiments, the execution subject may perform process monitoring on the second additional process through the target process. For example, the execution subject may attach the target process to the second additional process through the fork() function to implement process monitoring of the second additional process.
Step 209, in response to determining that any of the target process, the first additional process, and the second additional process has a process exception, exiting the target process, the first additional process, and the second additional process.
In some embodiments, the execution subject may exit the target process, the first additional process, and the second additional process in response to determining that any of the target process, the first additional process, and the second additional process has a process exception. The target process, the first additional process, and the second additional process can communicate with each other through pipes. For example, the execution subject may create a pipe between processes through the pipe() function to implement pipe communication between processes. The execution subject can monitor the target process through the first additional process, monitor the first additional process through the second additional process, and monitor the target process through the second additional process, so that cyclic monitoring among the processes is realized. When any process becomes abnormal, the abnormality can be detected by the other processes.
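The monitoring ring of steps 202 and 207 to 209, as an added sketch that is not code from the patent. It assumes all three processes are forked from one launcher so their exit statuses can be collected, and it detects a peer's exit as end-of-file on a pipe() whose write end only that peer holds, rather than by process attachment; the role names and exit code 3 are assumptions.

```python
import os
import signal
import time

ROLES = ("target", "first_additional", "second_additional")
# watcher -> watched, following steps 202, 207 and 208
WATCHES = {
    "first_additional": "target",
    "second_additional": "first_additional",
    "target": "second_additional",
}
EXIT_PEER_ABNORMAL = 3  # assumed exit code meaning "the peer I watch is gone"


def _run_member(role, pipes):
    """Child body: hold our own write end, block on the watched peer's read end."""
    own_write = pipes[role][1]
    watched_read = pipes[WATCHES[role]][0]
    # Close every inherited descriptor we do not need. A stray copy of a
    # peer's write end would keep its pipe open and hide that peer's death.
    for read_fd, write_fd in pipes.values():
        for fd in (read_fd, write_fd):
            if fd not in (own_write, watched_read):
                os.close(fd)
    # read() returns b"" only once all write ends are closed: the peer exited.
    while os.read(watched_read, 1):
        pass
    os._exit(EXIT_PEER_ABNORMAL)  # step 209: leave as soon as a peer is abnormal


def start_ring():
    """Fork the three ring members and return {role: pid}."""
    pipes = {role: os.pipe() for role in ROLES}
    pids = {}
    for role in ROLES:
        pid = os.fork()
        if pid == 0:
            try:
                _run_member(role, pipes)
            finally:
                os._exit(1)  # never fall back into the launcher's code
        pids[role] = pid
    for read_fd, write_fd in pipes.values():  # the launcher keeps no pipe ends
        os.close(read_fd)
        os.close(write_fd)
    return pids


def kill_and_collect(pids, victim, timeout=5.0):
    """Kill one member, then report how each member ended.

    Values are the exit code, or the negative signal number for a killed
    process, or None if a member had to be cleaned up after the timeout.
    """
    os.kill(pids[victim], signal.SIGKILL)
    outcome = {}
    deadline = time.monotonic() + timeout
    while len(outcome) < len(pids) and time.monotonic() < deadline:
        for role, pid in pids.items():
            if role in outcome:
                continue
            done, status = os.waitpid(pid, os.WNOHANG)
            if done:
                outcome[role] = (-os.WTERMSIG(status) if os.WIFSIGNALED(status)
                                 else os.WEXITSTATUS(status))
        time.sleep(0.01)
    for role, pid in pids.items():  # ring failed to collapse: clean up
        if role not in outcome:
            os.kill(pid, signal.SIGKILL)
            os.waitpid(pid, 0)
            outcome[role] = None
    return outcome


if __name__ == "__main__":
    print(kill_and_collect(start_ring(), "first_additional"))
```

Killing any one member collapses the whole ring, because each exit closes the write end that the next watcher is blocked on.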
The above embodiments of the present disclosure have the following beneficial effects: the process protection method applied to the vehicle machine system of some embodiments of the present disclosure improves process protection efficiency and vehicle driving safety. Specifically, process protection is inefficient and vehicle driving safety is low for the following reasons: locating an abnormal process manually makes process protection inefficient. In addition, when a tampered process is not found in time, the vehicle machine system may halt, which affects the safety of vehicle driving. Based on this, in the process protection method applied to the vehicle machine system of some embodiments of the present disclosure, first, the program corresponding to the first target program file is run to generate a target process. Since program files are static resources, a corresponding process needs to be created when the program is to be run. In addition, the target process is copied to generate a first additional process, where the first additional process is used to perform process monitoring on the target process. The first additional process is created and attached to the target process, thereby implementing monitoring of the target process. Then, the second target program file is decrypted through the target process to generate a decrypted program file. To ensure file security, program files often need to be encrypted; therefore, a file often needs to be decrypted when it is used. Further, based on the decrypted program file, the section of the target data included in the first target program file in the second target program file is determined to generate section information, where the section information includes section location information.
In addition, the target data is filled into the section of the second target program file that corresponds to the section location information included in the section information, so that a third target program file is generated. By splitting the program file into the first target program file and the second target program file, the program file is stored separately when it is not called, which ensures the safety of the program. Then, process monitoring is performed on the first additional process through the second additional process. In addition, process monitoring is performed on the second additional process through the target process. This creates a circular monitoring mechanism in which the target process monitors the second additional process, the first additional process monitors the target process, and the second additional process monitors the first additional process, so that tampering with any process will be detected by the other processes. Finally, in response to determining that any of the target process, the first additional process, and the second additional process has a process exception, the target process, the first additional process, and the second additional process are exited. When any process is tampered with, all processes exit. In this way, abnormal processes are monitored automatically and process protection efficiency is improved. In addition, the abnormal process exits in time, which avoids its influence on the stability of the vehicle machine system and thereby ensures the driving safety of the vehicle.
With further reference to fig. 3, a flow 300 of further embodiments of a process protection method applied to a car machine system is shown. The process 300 of the process protection method applied to the vehicle machine system includes the following steps:
Step 301, running a program corresponding to the first target program file to generate a target process.
In some embodiments, an execution subject (e.g., the computing device 101 shown in fig. 1) of the process protection method applied to the car machine system may execute a program corresponding to the first target program file to generate a target process. The first target program file can be generated through the following steps:
Firstly, data in a target section contained in an initial program file is determined as first candidate data information.
The target section may be a section randomly selected from the section sequence included in the initial program file.
As an example, first, the execution subject may obtain the section index corresponding to each section in the section sequence to obtain a section index sequence, where a section index in the section index sequence can represent the position of the section in the section sequence. Then, the execution subject may randomly select a section index from the section index sequence. Finally, the execution subject may determine the section corresponding to the selected section index as the target section. The execution subject may randomly select a section index from the section index sequence as follows:
import random
# Section index sequence of the initial program file
Seq = [1, 2, 3, 4, 5, 6, 7, 8]
# Randomly selected section index
Target = random.choice(Seq)
Wherein "Seq" may characterize the section index sequence; for example, the section index sequence may be "[1,2,3,4,5,6,7,8]". "Target" may characterize the randomly selected section index.
Secondly, the section index and section size of the target section, and the section index and section size of at least one section adjacent to the target section in the section sequence, are respectively determined to generate a section identification information sequence.
The execution subject may determine the size of the storage space occupied by the target section as the section size of the target section. The section identification information in the section identification information sequence may include a section index and a section size. The section size may characterize the size of the storage space occupied by the section.
As an example, the section index of the above target section may be "12". The section size of the above target section may be "200" bytes. The section indexes of the two sections adjacent to the above target section may be "11" and "13". The section sizes of the two sections adjacent to the above target section may be "300" bytes and "130" bytes. The generated section identification information sequence may be {[section index: "12", section size: "200" bytes], [section index: "11", section size: "300" bytes], [section index: "13", section size: "130" bytes]}.
Optionally, the section identification information in the section identification information sequence may further include unique identification information generated according to the data stored in the section corresponding to the section identification information. For example, the unique identification information may be identification information generated from the data stored in the section corresponding to the section identification information by using the MD5 (Message-Digest) algorithm.
Thirdly, the section identification information sequence is added to the tail of the first candidate data information to generate second candidate data information.
As an example, the above-described first candidate data information may be "asdasdaadada". The above-mentioned section identification information sequence may be {[section index: "12", section size: "200" bytes], [section index: "11", section size: "300" bytes], [section index: "13", section size: "130" bytes]}. The generated second candidate data information may be "asdasdaadada{[section index: "12", section size: "200" bytes], [section index: "11", section size: "300" bytes], [section index: "13", section size: "130" bytes]}".
Fourthly, the second candidate data information is encrypted to generate third candidate data information.
The execution subject may select either an asymmetric encryption algorithm or a symmetric encryption algorithm, and encrypt the second candidate data information to generate the third candidate data information. For example, the asymmetric encryption algorithm may be, but is not limited to, any of the following: the RSA algorithm, the DSA (Digital Signature Algorithm) algorithm, and the ECC (Elliptic Curve Cryptography) algorithm. The symmetric encryption algorithm may be, but is not limited to, any of the following: the DES (Data Encryption Standard) algorithm and the AES (Advanced Encryption Standard) algorithm.
Fifthly, the third candidate data information is filled into a preset program file to generate the first target program file.
The preset program file may be an executable program file.
For example, the execution body may fill the reserved bits of the preset program file with the data to generate the first target program file.
Step 302, copying the target process to generate a first additional process.
Step 303, decrypting the second target program file through the target process to generate a decrypted program file.
In some embodiments, the specific implementation of steps 302 to 303 and the technical effect thereof may refer to steps 202 to 203 in those embodiments corresponding to fig. 2, and are not described herein again.
Step 304, based on the decrypted program file, determining a section of the target data included in the first target program file in the second target program file to generate section information.
In some embodiments, the execution subject may determine, based on the decrypted program file, the section of the target data included in the first target program file in the second target program file to generate the section information. The decrypted program file may include file header information. The section information may further include section size information. The file header information may be information describing the file structure. For example, the file header information may include encoding mode information of the first target program file. For another example, the file header information may further include file version information of the first target program file. For another example, the file header information may further include the size of the storage space occupied by each of the sections included in the first target program file, and the position corresponding to that section. The section size information may represent the size of the section occupied by the target data in the second target program file.
As an example, determining, by the execution subject based on the decrypted program file, the section of the target data included in the first target program file in the second target program file to generate the section information may include the following steps:
Firstly, the file header information is decrypted to generate decrypted file header information.
The execution body may decrypt the header information according to an algorithm for encrypting the decrypted header information to generate the decrypted header information.
For example, when the execution main body encrypts the decrypted header information by using a symmetric encryption algorithm, the execution main body may decrypt the header information by using a key used in encryption to generate the decrypted header information.
Secondly, section header information is determined according to the decrypted file header information.
The section header information may represent the size of each section included in the first target program file and the size of the storage space occupied by that section. The execution subject may parse, from the decrypted file header information, the size of each section included in the first target program file and the size of the storage space occupied by that section, to generate the section header information.
Thirdly, the size of the section occupied by the target data included in the first target program file in the second target program file is determined according to the section header information, to generate the section size information included in the section information.
The execution subject may first read the size of the section occupied by the target data from the section header information to generate the section size information included in the section information. For example, the above section size information may be "400" bytes.
Fourthly, the section position offset of the target data included in the first target program file in the second target program file is determined according to the section header information, to generate the section location information included in the section information.
First, the execution subject may read the first address of the first target program file in the storage space from the section header information. Then, the execution subject may generate the section location information included in the section information according to the size of the storage space occupied by each section included in the first target program file and the relative position, among those sections, of the section in which the target data is located.
By way of example, the first address of the storage space in which the first target program file is located may be "000". The first target program file includes 3 sections. Each section is "20" bytes in size. The section where the target data is located is the 3rd section. The above section location information may be "040".
Step 305, filling the target data into the section of the second target program file that corresponds to the section location information included in the section information, to generate a third target program file.
In some embodiments, filling, by the execution subject, the target data into the section of the second target program file that corresponds to the section location information included in the section information, to generate a third target program file, may include the following steps:
Firstly, a tampering check is performed on the target data according to the section identification information sequence contained in the first target program file, to determine whether the target data passes the tampering check.
As an example, first, for each piece of section identification information in the section identification information sequence, the execution subject may determine whether the section size of the section corresponding to the section index included in that section identification information is consistent with the section size included in that section identification information. Secondly, when every piece of section identification information in the section identification information sequence passes this check, the execution subject may compare the size of the target data with the size of the section where the target data is located to determine whether they are consistent. If they are consistent, the target data passes the tampering check.
Optionally, the section identification information in the section identification information sequence may further include unique identification information generated according to the data stored in the section corresponding to the section identification information. For example, the unique identification information may be generated from the data stored in the section corresponding to the section identification information by using the MD5 algorithm. When the execution subject performs the tampering check on the target data according to the section identification information sequence contained in the first target program file, first, the section identification information corresponding to the sections adjacent to the section where the target data is located may be screened from the section identification information sequence and used as candidate section identification information, to obtain a candidate section identification information queue. Then, for each piece of candidate section identification information in the candidate section identification information queue, the execution subject may generate, through the MD5 algorithm, identification information corresponding to the data stored in the section corresponding to that candidate section identification information. The execution subject may then compare the generated identification information with the unique identification information included in the candidate section identification information. If the two are consistent, the execution subject may compare the size of the target data with the size of the section where the target data is located. If they are consistent, the target data passes the tampering check.
Then, in response to determining that the target data passes the data tampering check, the target data is filled into a target storage space to generate the third target program file. The target storage space may be the storage space of the section corresponding to the section location information in the second target program file. The size of the target storage space may be the same as the size of the storage space corresponding to the section size information.
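The generation of the first target program file (its first to third steps) and the tampering check of step 305, as an added sketch that is not code from the patent. It assumes a program file modelled as a list of section byte strings, JSON-encoded identification records followed by a 4-byte length field, and a zero-filled hole for the removed section; the encryption step is left out, and all function names are hypothetical.

```python
import hashlib
import json
import struct

DIGEST = "md5"  # the page names MD5; "sha256" is a collision-resistant drop-in


class TamperError(ValueError):
    """Raised when data no longer matches its section identification record."""


def section_record(index, data):
    """Section identification information: index, size and content digest."""
    return {"index": index, "size": len(data),
            "digest": hashlib.new(DIGEST, data).hexdigest()}


def split_program(sections, target_index):
    """Take the target section out and append the record sequence to its tail.

    Returns (second_candidate, second_file). Records cover the target section
    and its adjacent sections, target first.
    """
    adjacent = [i for i in (target_index - 1, target_index + 1)
                if 0 <= i < len(sections)]
    records = [section_record(i, sections[i]) for i in [target_index] + adjacent]
    trailer = json.dumps(records).encode()
    # Assumed layout: data || JSON records || 4-byte big-endian record length.
    second_candidate = (sections[target_index] + trailer
                        + struct.pack(">I", len(trailer)))
    second_file = list(sections)
    second_file[target_index] = b"\x00" * len(sections[target_index])
    return second_candidate, second_file


def parse_candidate(blob):
    """Split second candidate data back into target data and records."""
    if len(blob) < 4:
        raise TamperError("candidate data too short")
    (trailer_len,) = struct.unpack(">I", blob[-4:])
    if trailer_len > len(blob) - 4:
        raise TamperError("record length exceeds candidate data")
    body_end = len(blob) - 4 - trailer_len
    try:
        records = json.loads(blob[body_end:-4])
    except ValueError as exc:
        raise TamperError("record sequence is not parseable") from exc
    return blob[:body_end], records


def fill_if_untampered(blob, second_file):
    """Run the tampering check, then fill the target data into its section."""
    target_data, records = parse_candidate(blob)
    target, adjacent = records[0], records[1:]
    for rec in adjacent:  # adjacent sections must be unchanged
        current = second_file[rec["index"]]
        if len(current) != rec["size"]:
            raise TamperError(f"section {rec['index']}: size changed")
        if hashlib.new(DIGEST, current).hexdigest() != rec["digest"]:
            raise TamperError(f"section {rec['index']}: content changed")
    hole = second_file[target["index"]]
    if not (len(target_data) == target["size"] == len(hole)):
        raise TamperError("target data does not fit its section")
    # Extra check beyond the size comparison described on the page.
    if hashlib.new(DIGEST, target_data).hexdigest() != target["digest"]:
        raise TamperError("target data content changed")
    third_file = list(second_file)
    third_file[target["index"]] = target_data
    return third_file


def build_sample_sections():
    """Constructed input: 14 sections; 11, 12 and 13 use the page's sizes."""
    sizes = {11: 300, 12: 200, 13: 130}
    return [bytes([i]) * sizes.get(i, 16) for i in range(14)]


if __name__ == "__main__":
    original = build_sample_sections()
    candidate, second = split_program(original, 12)
    print(fill_if_untampered(candidate, second) == original)
```

Because the records are unkeyed digests, anyone able to rewrite them can recompute matching values, so the check is only as strong as the encryption applied to the second candidate data.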
Step 306, loading and running the program corresponding to the third target program file to generate a second additional process.
Step 307, performing process monitoring on the first additional process through the second additional process.
Step 308, performing process monitoring on the second additional process through the target process.
In some embodiments, specific implementation of steps 306 to 308 and technical effects brought by the implementation may refer to steps 206 to 208 in those embodiments corresponding to fig. 2, and are not described herein again.
Step 309, in response to determining that any of the target process, the first additional process, and the second additional process has a process exception, releasing the memory resources and the file resources occupied by the target process, the first additional process, and the second additional process.
In some embodiments, the execution subject may release the memory resources and the file resources occupied by the target process, the first additional process, and the second additional process in response to determining that any of the target process, the first additional process, and the second additional process has a process exception. The file resources may refer to static resources required by the process, such as audio, video, and picture resources. For example, the execution subject may release the memory resources occupied by the process through a free command.
Step 310, in response to determining that the target process, the first additional process, and the second additional process have exited successfully, sending the exception information sets corresponding to the target process, the first additional process, and the second additional process to the target terminal.
In some embodiments, the execution subject may send, in response to determining that the target process, the first additional process, and the second additional process are successfully exited, the exception information sets corresponding to the target process, the first additional process, and the second additional process to a target terminal in a wired or wireless connection manner. The exception information in the exception information set can represent the problem type causing the exception of the process. The target terminal may be a terminal for receiving the abnormal information set. For example, the target terminal may be a "computer".
As can be seen from fig. 3, compared with the description of some embodiments corresponding to fig. 2, in the present disclosure an initial program file to be run in the vehicle machine system is first divided into a first target program file and a second target program file, which are stored separately. This avoids the data tampering that would result from the initial program file being cracked. In addition, to ensure the integrity of the data, the present disclosure also generates a section identification information sequence; that is, information about the sections adjacent to the section where the first candidate data information is located is stored in the first target program file. The section identification information in the section identification information sequence includes: a section index, a section size, and unique identification information generated from the data stored in the section. When the tampering check is performed on the target data, not only is the target data checked, but the data in the sections adjacent to the section where the target data is located is checked as well. Therefore, the integrity of the data stored in the first target program file and the second target program file is ensured, and the safety of the data in the vehicle machine system is further ensured.
With further reference to fig. 4, as an implementation of the methods shown in the above diagrams, the present disclosure provides some embodiments of a process protection device applied to a car machine system, where the embodiments of the device correspond to those of the method shown in fig. 2, and the device may be applied to various electronic devices.
As shown in fig. 4, a process protection device 400 applied to a vehicle machine system according to some embodiments includes: a running unit 401 configured to run a program corresponding to the first target program file to generate a target process; a copying unit 402 configured to copy the target process to generate a first additional process, where the first additional process is used to perform process monitoring on the target process; a decryption processing unit 403 configured to decrypt the second target program file through the target process to generate a decrypted program file; a determining unit 404 configured to determine, based on the decrypted program file, the section of the target data included in the first target program file in the second target program file to generate section information, where the section information includes section location information; a filling unit 405 configured to fill the target data into the section of the second target program file that corresponds to the section location information included in the section information, to generate a third target program file; a loading unit 406 configured to load and run a program corresponding to the third target program file to generate a second additional process; a first process monitoring unit 407 configured to perform process monitoring on the first additional process through the second additional process; a second process monitoring unit 408 configured to perform process monitoring on the second additional process through the target process; and an exit unit 409 configured to, in response to determining that any of the target process, the first additional process, and the second additional process has a process exception, exit the target process, the first additional process, and the second additional process.
In some optional implementations of some embodiments, the first target program file is generated by: determining data in a target section contained in an initial program file as first candidate data information, wherein the target section is a section randomly selected from the section sequence contained in the initial program file; respectively determining the section index and the section size of the target section and the section index and the section size of at least one section adjacent to the target section in the section sequence to generate a section identification information sequence; adding the section identification information sequence to the tail of the first candidate data information to generate second candidate data information; encrypting the second candidate data information to generate third candidate data information; and filling the third candidate data information into a preset program file to generate the first target program file.
In some optional implementations of some embodiments, the decryption program file includes: header information of the file; the section information further includes: section size information, and the determining unit 404 is further configured to: decrypting the file header information to generate decrypted file header information; determining section header information according to the decrypted file header information; determining the size of a section occupied by the target data included in the first target program file in the second target program file according to the section header information to generate the section size information included in the section information; determining, according to the section header information, a section position offset amount of the target data included in the first target program file in the second target program file, so as to generate the section position information included in the section information.
In some optional implementations of some embodiments, the filling unit 405 is further configured to: fill the target data into a target storage space in response to determining that the target data passes the data tampering check, so as to generate the third target program file, wherein the target storage space is the storage space of the section corresponding to the section location information in the second target program file, and the size of the target storage space is consistent with the size of the storage space corresponding to the section size information.
In some optional implementations of some embodiments, the exit unit 409 is further configured to: release the memory resources and the file resources occupied by the target process, the first additional process, and the second additional process.
In some optional implementations of some embodiments, before the target data is filled into the target storage space in response to determining that the target data passes the data tampering check to generate the third target program file, the apparatus 400 further performs: a tampering check on the target data according to the section identification information sequence contained in the first target program file, to determine whether the target data passes the tampering check.
In some optional implementations of some embodiments, the apparatus 400 further performs: in response to determining that the target process, the first additional process, and the second additional process have exited successfully, sending the exception information sets corresponding to the target process, the first additional process, and the second additional process to a target terminal.
It will be understood that the elements described in the apparatus 400 correspond to various steps in the method described with reference to fig. 2. Thus, the operations, features and resulting advantages described above with respect to the method are also applicable to the apparatus 400 and the units included therein, and will not be described herein again.
Referring now to FIG. 5, a block diagram of an electronic device 500 (such as computing device 101 shown in FIG. 1) suitable for use in implementing some embodiments of the present disclosure is shown. The electronic device shown in FIG. 5 is only an example, and should not impose any limitation on the functions and the scope of use of the embodiments of the present disclosure.
As shown in FIG. 5, the electronic device 500 may include a processing device (e.g., central processing unit, graphics processor, etc.) 501 that may perform various appropriate actions and processes in accordance with a program stored in a read-only memory (ROM) 502 or a program loaded from a storage device 508 into a random access memory (RAM) 503. The RAM 503 also stores various programs and data necessary for the operation of the electronic device 500. The processing device 501, the ROM 502, and the RAM 503 are connected to each other through a bus 504. An input/output (I/O) interface 505 is also connected to the bus 504.
Generally, the following devices may be connected to the I/O interface 505: input devices 506 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; output devices 507 including, for example, a Liquid Crystal Display (LCD), speakers, vibrators, and the like; storage devices 508 including, for example, magnetic tape, hard disk, etc.; and a communication device 509. The communication device 509 may allow the electronic device 500 to communicate with other devices wirelessly or by wire to exchange data. While FIG. 5 illustrates an electronic device 500 having various devices, it is to be understood that not all illustrated devices are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided. Each block shown in FIG. 5 may represent one device or may represent multiple devices as desired.
In particular, according to some embodiments of the present disclosure, the processes described above with reference to the flow diagrams may be implemented as computer software programs. For example, some embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In some such embodiments, the computer program may be downloaded and installed from a network via the communication device 509, or installed from the storage device 508, or installed from the ROM 502. The computer program, when executed by the processing device 501, performs the above-described functions defined in the methods of some embodiments of the present disclosure.
It should be noted that the computer readable medium described in some embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In some embodiments of the disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In some embodiments of the present disclosure, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. 
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
In some embodiments, clients and servers may communicate using any currently known or future developed network protocol, such as HTTP (HyperText Transfer Protocol), and may interconnect with any form or medium of digital data communication (e.g., a communications network). Examples of communication networks include a local area network ("LAN"), a wide area network ("WAN"), an internetwork (e.g., the Internet), and peer-to-peer networks (e.g., ad hoc peer-to-peer networks), as well as any currently known or future developed network.
The computer readable medium may be embodied in the electronic device, or may exist separately without being incorporated into the electronic device. The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: run a program corresponding to the first target program file to generate a target process; copy the target process to generate a first additional process, wherein the first additional process is used for performing process monitoring on the target process; decrypt the second target program file through the target process to generate a decrypted program file; determine, based on the decrypted program file, the section in the second target program file of the target data included in the first target program file, to generate section information, wherein the section information includes section position information; fill the target data into the section of the second target program file corresponding to the section position information included in the section information, to generate a third target program file; load and run a program corresponding to the third target program file to generate a second additional process; perform process monitoring on the first additional process through the second additional process; perform process monitoring on the second additional process through the target process; and, in response to determining that a process exception exists in a process among the target process, the first additional process and the second additional process, exit the target process, the first additional process and the second additional process.
Computer program code for carrying out operations for embodiments of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C++, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in some embodiments of the present disclosure may be implemented by software or hardware. The described units may also be provided in a processor, which may be described as: a processor including a running unit, a copying unit, a decryption processing unit, a determining unit, a filling unit, a loading unit, a first process monitoring unit, a second process monitoring unit, and an exit unit. In some cases the names of the units do not limit the units themselves; for example, the first process monitoring unit may also be described as a "unit that performs process monitoring on the first additional process through the second additional process".
The functions described herein above may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), Complex Programmable Logic Devices (CPLDs), and the like.
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the embodiments of the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is made without departing from the inventive concept as defined above. For example, it encompasses technical solutions formed by replacing the above features with (but not limited to) technical features with similar functions disclosed in the embodiments of the present disclosure.

Claims (10)

1. A process protection method applied to a vehicle machine system, comprising:
running a program corresponding to a first target program file to generate a target process, wherein the first target program file is a partial program file contained in an initial program file, and the initial program file is a program file to be run in a vehicle machine system;
copying the target process to generate a first additional process, wherein the first additional process is used for performing process monitoring on the target process;
decrypting a second target program file through the target process to generate a decrypted program file, wherein the second target program file is the other program file, apart from the first target program file, contained in the initial program file;
determining, based on the decrypted program file, the section in the second target program file of the target data included in the first target program file, to generate section information, wherein the section information includes: section position information, and wherein the target data is program data missing from the second target program file;
filling the target data into the section of the second target program file corresponding to the section position information included in the section information, to generate a third target program file;
loading and running a program corresponding to the third target program file to generate a second additional process;
performing process monitoring on the first additional process through the second additional process;
performing process monitoring on the second additional process through the target process;
in response to determining that a process exception exists in a process among the target process, the first additional process, and the second additional process, exiting the target process, the first additional process, and the second additional process, wherein the determining, based on the decrypted program file, of the section in the second target program file of the target data included in the first target program file to generate section information includes: determining the storage position of the missing program data in the second target program file to generate the section information.
2. The method of claim 1, wherein the first target program file is generated by:
determining data in a target section contained in an initial program file as first candidate data information, wherein the target section is a section randomly selected from a section sequence contained in the initial program file;
determining, respectively, the section index and the section size of the target section, and the section index and the section size of at least one section adjacent to the target section in the section sequence, to generate a section identification information sequence;
adding the section identification information sequence to the tail of the first candidate data information to generate second candidate data information;
encrypting the second candidate data information to generate third candidate data information;
filling the third candidate data information into a preset program file to generate the first target program file.
3. The method of claim 2, wherein the decrypted program file comprises: file header information; the section information further includes: section size information, and
the determining, based on the decrypted program file, of the section in the second target program file of the target data included in the first target program file to generate section information includes:
decrypting the file header information to generate decrypted file header information;
determining section header information according to the decrypted file header information;
determining, according to the section header information, the size of the section occupied in the second target program file by the target data included in the first target program file, to generate the section size information included in the section information;
determining, according to the section header information, the section position offset in the second target program file of the target data included in the first target program file, to generate the section position information included in the section information.
4. The method of claim 3, wherein the filling of the target data into the section of the second target program file corresponding to the section position information included in the section information to generate a third target program file comprises:
in response to determining that the target data passes the data tampering check, filling the target data into a target storage space to generate the third target program file, wherein the target storage space is the storage space of the section corresponding to the section position information in the second target program file, and the size of the target storage space is consistent with the size of the storage space corresponding to the section size information.
5. The method of claim 4, wherein the exiting the target process, the first additional process, and the second additional process comprises:
releasing the memory resources and the file resources occupied by the target process, the first additional process and the second additional process.
6. The method of claim 5, wherein before the filling of the target data into the target storage space to generate the third target program file in response to determining that the target data passes the data tampering check, the method further comprises:
performing a tampering check on the target data according to the section identification information sequence contained in the first target program file, to determine whether the target data passes the tampering check.
7. The method of claim 1, wherein the method further comprises:
in response to determining that the target process, the first additional process and the second additional process have exited successfully, sending an exception information set corresponding to the target process, the first additional process and the second additional process to a target terminal.
8. A process protection apparatus applied to a vehicle machine system, comprising:
a running unit configured to run a program corresponding to a first target program file to generate a target process, wherein the first target program file is a partial program file contained in an initial program file, and the initial program file is a program file to be run in the vehicle machine system;
a copying unit configured to copy the target process to generate a first additional process, wherein the first additional process is used for performing process monitoring on the target process;
a decryption processing unit configured to decrypt a second target program file through the target process to generate a decrypted program file, wherein the second target program file is the other program file, apart from the first target program file, contained in the initial program file;
a determining unit configured to determine, based on the decrypted program file, the section in the second target program file of the target data included in the first target program file, to generate section information, wherein the section information includes: section position information, and wherein the target data is program data missing from the second target program file;
a filling unit configured to fill the target data into the section of the second target program file corresponding to the section position information included in the section information, to generate a third target program file;
a loading unit configured to load and run a program corresponding to the third target program file to generate a second additional process;
a first process monitoring unit configured to perform process monitoring on the first additional process through the second additional process;
a second process monitoring unit configured to perform process monitoring on the second additional process through the target process;
an exit unit configured to exit the target process, the first additional process, and the second additional process in response to determining that a process exception exists in a process among the target process, the first additional process, and the second additional process, wherein the determining, based on the decrypted program file, of the section in the second target program file of the target data included in the first target program file to generate section information includes: determining the storage position of the missing program data in the second target program file to generate the section information.
9. An electronic device, comprising:
one or more processors;
a storage device having one or more programs stored thereon,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
10. A computer-readable medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method of any one of claims 1 to 7.
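The build-time split of claim 2 and the load-time locate, check and fill of claims 3, 4 and 6, modelled end to end on a constructed toy container as an added example (not code from the patent). The container layout, the trailer that delimits the identification sequence, the SHA-256 keystream standing in for the unspecified cipher, and all function names are assumptions.

```python
import hashlib
import random
import struct

MAGIC = b"TOY1"                 # constructed toy container, not a real ELF
ENTRY = struct.Struct("<II")    # section header entry: offset, size
IDENT = struct.Struct("<II")    # identification entry: section index, size
TRAILER = struct.Struct("<HH")  # assumed trailer: target index, entry count


def xor_stream(key, label, data):
    """Stand-in for the unspecified cipher: SHA-256 counter keystream.
    The label keeps the two files from sharing a keystream."""
    out = bytearray()
    for pos in range(0, len(data), 32):
        pad = hashlib.sha256(key + label + struct.pack("<Q", pos)).digest()
        out += bytes(a ^ b for a, b in zip(data[pos:pos + 32], pad))
    return bytes(out)


def build_container(sections):
    """Magic, section count, section header table, then section bodies."""
    offset = len(MAGIC) + 2 + ENTRY.size * len(sections)
    table = b""
    for data in sections:
        table += ENTRY.pack(offset, len(data))
        offset += len(data)
    return MAGIC + struct.pack("<H", len(sections)) + table + b"".join(sections)


def section_table(image):
    """Parse the section header table into (offset, size) tuples."""
    if image[:4] != MAGIC:
        raise ValueError("bad magic: wrong key or corrupted file")
    (count,) = struct.unpack_from("<H", image, 4)
    return [ENTRY.unpack_from(image, 6 + i * ENTRY.size) for i in range(count)]


def split_program(sections, key, target=None):
    """Build time (claim 2): returns (first_file, second_file), both encrypted."""
    image = bytearray(build_container(sections))
    table = section_table(bytes(image))
    if target is None:
        target = random.randrange(len(table))    # randomly selected section
    off, size = table[target]
    data = bytes(image[off:off + size])          # first candidate data
    image[off:off + size] = bytes(size)          # second file now lacks it
    near = [i for i in (target - 1, target, target + 1) if 0 <= i < len(table)]
    ident = b"".join(IDENT.pack(i, table[i][1]) for i in near)
    first = data + ident + TRAILER.pack(target, len(near))
    return xor_stream(key, b"first", first), xor_stream(key, b"second", bytes(image))


def restore_program(first_file, second_file, key):
    """Load time (claims 3, 4, 6): locate, tamper-check, fill; returns third file."""
    image = bytearray(xor_stream(key, b"second", second_file))
    table = section_table(bytes(image))          # section header information
    first = xor_stream(key, b"first", first_file)
    if len(first) < TRAILER.size:
        raise ValueError("tamper check failed: payload too short")
    target, count = TRAILER.unpack(first[-TRAILER.size:])
    tail = TRAILER.size + count * IDENT.size
    if len(first) < tail or target >= len(table):
        raise ValueError("tamper check failed: malformed trailer")
    data = first[:len(first) - tail]
    raw = first[len(first) - tail:len(first) - TRAILER.size]
    ident = [IDENT.unpack_from(raw, i * IDENT.size) for i in range(count)]
    off, size = table[target]                    # position offset, section size
    if off + size > len(image):
        raise ValueError("tamper check failed: section outside file")
    for idx, want in ident:                      # recorded layout must match
        if idx >= len(table) or table[idx][1] != want:
            raise ValueError("tamper check failed: section layout mismatch")
    if (target, size) not in ident or len(data) != size:
        raise ValueError("tamper check failed: target section size mismatch")
    image[off:off + size] = data                 # fill the hole
    return bytes(image)
```

The check as modelled binds the payload to the section layout only: a same-length content change passes it, so a keyed MAC or digest over the target data is the usual complement.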
CN202111249127.3A 2021-10-26 2021-10-26 Process protection method and device applied to vehicle machine system and electronic equipment Active CN113987469B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111249127.3A CN113987469B (en) 2021-10-26 2021-10-26 Process protection method and device applied to vehicle machine system and electronic equipment

Publications (2)

Publication Number Publication Date
CN113987469A CN113987469A (en) 2022-01-28
CN113987469B true CN113987469B (en) 2022-07-29

Family

ID=79741786

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111249127.3A Active CN113987469B (en) 2021-10-26 2021-10-26 Process protection method and device applied to vehicle machine system and electronic equipment

Country Status (1)

Country Link
CN (1) CN113987469B (en)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4335707B2 (en) * 2004-02-06 2009-09-30 Necエレクトロニクス株式会社 Program falsification detection device, program falsification detection program, and program falsification detection method
EP2979211B1 (en) * 2013-03-27 2020-09-09 Irdeto B.V. Protecting software application
CN107634968A (en) * 2017-10-19 2018-01-26 杭州安恒信息技术有限公司 Tamper recovery method and system based on Rsync

Also Published As

Publication number Publication date
CN113987469A (en) 2022-01-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant