CN101136048A - Software identification method - Google Patents
Software identification method Download PDFInfo
- Publication number
- CN101136048A CN101136048A CNA200710030684XA CN200710030684A CN101136048A CN 101136048 A CN101136048 A CN 101136048A CN A200710030684X A CNA200710030684X A CN A200710030684XA CN 200710030684 A CN200710030684 A CN 200710030684A CN 101136048 A CN101136048 A CN 101136048A
- Authority
- CN
- China
- Prior art keywords
- executable file
- software
- file
- dependent variable
- authentication method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The method comprises: a) taking the data of executable file as the independent variable; using a preset algorithm to generate the dependent variable; encrypting the dependent variable to generate identification code of the executable file; b) installing an authentication program on a computer used for authenticating a executable file attempting to run; if not capable of passing the authentication, rejecting the running of the executable program.
Description
Technical field
The present invention relates to executable file is moved the method for preceding control, be used for the protection of antivirus protection and software copyright.
Background technology
One, to the protection of rogue program
Rogue program mainly refers to computer virus (malicious codes of invasion computer systems such as general reference virus, wooden horse, rogue software).These programs are often implanted computing machine and operation under the situation that the user does not discover, destroy user's computer operating system, damage hardware, and steal confidential information, they have become the public hazards on the internet.At present, for the protection computing machine exempts from virus infraction, the user need install antivirus software.But anti-virus software is a kind of passive protection, and he always in danger just action has taken place, and has following defective:
1, information delay.The principle of work of antivirus software is: extract the condition code of known viruse in advance, during scanning, the part that contains condition code in the file is removed as virus or isolated.This just makes that antivirus software can only the killing known viruse.When new virus occurs, just can know its condition code after must analyzing new virus, so antivirus software always lags behind the development of virus, be in passive state forever.And ought virus be added shell, also can't killing with former condition code.
2, resource cost is serious.Just because of the hysteresis quality of antivirus software, whenever there being new virus to occur, the user will surf the Net and upgrade virus base or detection module, cause Internet resources often occupied.And in order to tackle the virus technology of continual renovation, the function of antivirus software is more and more comprehensive, looks into poison, virus killing, isolation, webpage monitoring or the like, the travelling speed of having dragged slowly computing machine.
3, use complexity.Because the technology of antivirus software becomes increasingly complex, for resource distribution, consideration such as avoid manslaughtering, need the every configuration of user according to the system situation setting antivirus software of oneself, the antivirus software that has is when detecting suspicious program even require user oneself decision to allow or the refusal operation.Yet most of users and layman, it is often at a loss as to what to do to face complicated configuration project.
Two, software copyright protection
In order to protect the literary property of software, software copyright owner is provided with the copyright protection measure usually in software, for example require the user to import product ID when this software is installed, if sequence number is not inconsistent, then interrupt installation procedure, make the disabled user that this software can't be installed; For example refusal is disabled user's update software or the like again.But present software copyright safeguard measure easy crack, the software after cracking still can be as the normal uses of legal software.
Summary of the invention
The present invention mainly solves the problem that antivirus software lags behind viral development, further, solves the serious and use complicated problems of antivirus software resource cost.
The present invention also will solve the problem that still can illegally use after the software copyright safeguard measure is cracked.
The present invention provides software authentication method, and its step comprises:
A. with the file data of executable file as independent variable, generate dependent variable with the algorithm of setting, encrypt the authentication code that dependent variable generates this executable file;
B. the proving program computing machine of packing into, computing machine is verified the request of attempting to move executable file, pass through then refusal operation if can not verify;
Described proving program step is as follows:
B1. with the data of pending file as independent variable, generate dependent variable with the algorithm of above-mentioned setting;
B2. decipher the authentication code of pending file, decryption oprerations and above-mentioned cryptographic operation are reciprocal;
If B3. B1 is consistent with the result that B2 generates, then checking is passed through.
Beneficial effect of the present invention comprises the protection of rogue program and two aspects of software copyright protection.When it should be noted that the present invention with the protection done rogue program, steps A is finished by the user; And as software copyright when protection, steps A is then finished by software copyright owner.
One, to the protection of rogue program
Rogue program always moves on computers as executable file, especially distort original executable file on the computing machine, therefore thinking of the present invention is in advance to the executable file mandate of legal (program means no harm), just refuses unauthorized executable file operation afterwards.As Fig. 1, it is that executable file generates authentication code that the user carries out steps A of the present invention, and the authentication code content is by the data decision of this executable file, and encrypted.Encipheror should be maintained secrecy and had better not be kept on this machine.User's execution in step B packs proving program into behind the computing machine, and computing machine need not just can judge whether each executable file is legal according to authentication code by encipheror, and it judges that principle is:
If an executable file does not have authentication code, then be considered to unknown program, may contain rogue program, should refuse operation.And to having the executable file of authentication code, step B2 can restore the dependent variable that steps A drew originally.If this executable file does not infect rogue program, its data are not just distorted, and it is imposed step B1 just can draw the consistent dependent variable of result that generates with B2, as shown in Figure 2.If the generation result of B1, B2 is inconsistent, then this executable file is distorted as can be known, should refuse operation.
Though the present invention generates authentication code with encipheror, but when checking need not encipheror, therefore encipheror just need not be retained on this machine, and rogue program or general computer user just can't obtain encipheror from this machine so, can be by the authentication code of checking thereby can't generate.
When the user need move new executable file on computers, only need this executable file repeating step A is got final product, and need not revise proving program.
The present invention adopts the strategy of prior mandate, and all undelegated executable files are kept outside of the door.Even novel rogue program, owing to authorized in advance, also can't be by checking.Therefore solve antivirus software and lagged behind the problem that virus develops.
Just because of the present invention can stop all undelegated executable files that comprise new virus, so need not upgrade virus base; And proving program only needs work when request operation executable file, need not carry out daily scanning and monitoring.Therefore solved the problem of resource cost.
Proof rule of the present invention is simple, can not cause and manslaughter, and again because solved the problem of resource cost, therefore need not the user carry out complicated project configuration, uses simple.
Two, software copyright protection
The software that is cracked, the data that wherein relate to the copyright protection measure are also inevitable be distorted, and therefore thinking of the present invention is in advance to the executable file mandate of legal (virus-free), just refuses unauthorized executable file operation afterwards.As Fig. 1, it is that executable file generates authentication code that software copyright owner is carried out steps A of the present invention, and the authentication code content is by the data decision of this executable file, and encrypted.User's execution in step B packs proving program into behind the computing machine, and computing machine judges according to authentication code whether each executable file is legal, and it judges that principle is:
If an executable file does not have authentication code, then be considered to not obtain the software of literary property permission, so the refusal operation.And to having the executable file of authentication code, step B2 can restore the dependent variable that steps A drew originally.If this executable file is not cracked, its data are not just distorted, and it is imposed step B1 just can draw the consistent dependent variable of result that generates with B2, as shown in Figure 2.If the generation result of B1, B2 is inconsistent, then this executable file is distorted as can be known, should refuse operation.The present invention adopts the strategy of prior mandate, and all undelegated executable files are kept outside of the door.The problem that still can illegally use after the software copyright safeguard measure is cracked.
Need not use encipheror when the present invention verifies, encipheror only the copyright owner as can be known, other people just can't generate can by the checking authentication code.
To different software, the authentication code of generation has nothing in common with each other, but identical as long as generate the mode of authentication code, can verify with same proving program.
Description of drawings
Fig. 1 is the schematic diagram of steps A of the present invention.
Fig. 2 is the schematic diagram of proving program.
Embodiment
Software authentication method, its step comprises:
A. with the file data of executable file as independent variable, generate dependent variable with hash function (for example Hash function), encrypt the authentication code that dependent variable generates this executable file;
B. the proving program computing machine of packing into, preferably set proving program and after start, start automatically.
When executable file was attempted to move, proving program was carried out following steps:
B1. with the data of pending file as independent variable, generate dependent variable with the algorithm of above-mentioned setting;
B2. decipher the authentication code of pending file;
If B3. B1 is consistent with the result that B2 generates, then allow this executable file of operation, otherwise the refusal operation.
The suffix name of executable file is generally exe, dll, msi, com etc.
Even the benefit that adopts hash function to generate dependent variable is the data of executable file only by minor modifications, the dependent variable that is generated also has very big change, can detect executable file delicately during checking and be modified.
Above-mentioned decryption oprerations and cryptographic operation are reciprocal.The encryption and decryption operation can be realized that the private key of the cipher key pair of RSA Algorithm is used for encrypting by RSA Algorithm, and PKI is used for deciphering.Private key is just as the key parameter of encipheror so.Described RSA Algorithm is a known technology.
The encryption and decryption operation also can be realized by the ECC elliptic curve.
Claims (4)
1. software authentication method is characterized in that step comprises:
A. with the file data of executable file as independent variable, generate dependent variable with the algorithm of setting, encrypt the authentication code that dependent variable generates this executable file;
B. the proving program computing machine of packing into, computing machine is verified the request of attempting to move executable file, pass through then refusal operation if can not verify;
Described proving program step is as follows:
B1. with the data of pending file as independent variable, generate dependent variable with the algorithm of above-mentioned setting;
B2. decipher the label of pending file, decryption oprerations and above-mentioned cryptographic operation are reciprocal;
If B3. B1 is consistent with the result that B2 generates, then checking is passed through.
2. software authentication method according to claim 1 is set proving program and is started automatically after start.
3. software authentication method according to claim 1, the algorithm of described setting adopts hash function.
4. software authentication method according to claim 1, described encryption and decryption are realized by the ECC elliptic curve.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA200710030684XA CN101136048A (en) | 2007-09-30 | 2007-09-30 | Software identification method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA200710030684XA CN101136048A (en) | 2007-09-30 | 2007-09-30 | Software identification method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101136048A true CN101136048A (en) | 2008-03-05 |
Family
ID=39160140
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA200710030684XA Pending CN101136048A (en) | 2007-09-30 | 2007-09-30 | Software identification method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101136048A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101667232A (en) * | 2009-07-13 | 2010-03-10 | 北京中软华泰信息技术有限责任公司 | Terminal credible security system and method based on credible computing |
| CN104793947A (en) * | 2015-04-27 | 2015-07-22 | 柳州市网中网络策划中心 | Universal method for developing automatically-updated client software |
| CN104793941A (en) * | 2015-04-27 | 2015-07-22 | 柳州市一呼百应科技有限公司 | Universal method for developing client software |
| CN105740699A (en) * | 2016-03-04 | 2016-07-06 | 浙江大华技术股份有限公司 | Executable program protection method and device |
| CN106534163A (en) * | 2016-12-05 | 2017-03-22 | 上海华测导航技术股份有限公司 | Detection method of receiver |
-
2007
- 2007-09-30 CN CNA200710030684XA patent/CN101136048A/en active Pending
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101667232A (en) * | 2009-07-13 | 2010-03-10 | 北京中软华泰信息技术有限责任公司 | Terminal credible security system and method based on credible computing |
| CN101667232B (en) * | 2009-07-13 | 2014-12-10 | 北京可信华泰信息技术有限公司 | Terminal credible security system and method based on credible computing |
| CN104793947A (en) * | 2015-04-27 | 2015-07-22 | 柳州市网中网络策划中心 | Universal method for developing automatically-updated client software |
| CN104793941A (en) * | 2015-04-27 | 2015-07-22 | 柳州市一呼百应科技有限公司 | Universal method for developing client software |
| CN105740699A (en) * | 2016-03-04 | 2016-07-06 | 浙江大华技术股份有限公司 | Executable program protection method and device |
| CN105740699B (en) * | 2016-03-04 | 2018-12-07 | 浙江大华技术股份有限公司 | A kind of guard method of executable program and device |
| CN106534163A (en) * | 2016-12-05 | 2017-03-22 | 上海华测导航技术股份有限公司 | Detection method of receiver |
| CN106534163B (en) * | 2016-12-05 | 2020-03-24 | 上海华测导航技术股份有限公司 | Detection method of receiver |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109923548B (en) | Method, system and computer program product for implementing data protection by supervising process access to encrypted data | |
| US9698988B2 (en) | Management control method, apparatus, and system for virtual machine | |
| Dunn et al. | Cloaking malware with the trusted platform module | |
| US9514300B2 (en) | Systems and methods for enhanced security in wireless communication | |
| CN102855274B (en) | The method and apparatus that a kind of suspicious process detects | |
| US20170302697A1 (en) | Method And System For Dynamic Platform Security In A Device Operating System | |
| US9058504B1 (en) | Anti-malware digital-signature verification | |
| US20070079373A1 (en) | Preventing the installation of rootkits using a master computer | |
| US20070118646A1 (en) | Preventing the installation of rootkits on a standalone computer | |
| CN105260663A (en) | Secure storage service system and method based on TrustZone technology | |
| TWI669626B (en) | Processing method, server and client for preventing copy attacks | |
| JP2019057167A (en) | Computer program, device and determining method | |
| US20170201528A1 (en) | Method for providing trusted service based on secure area and apparatus using the same | |
| Yang et al. | TMSUI: A trust management scheme of USB storage devices for industrial control systems | |
| Kansagra et al. | Ransomware: a threat to cyber security | |
| CN101136048A (en) | Software identification method | |
| KR20100054940A (en) | Apparatus and method for preventing malware using signature verification for embedded linux | |
| US7779269B2 (en) | Technique for preventing illegal invocation of software programs | |
| KR101518689B1 (en) | User Terminal to Detect the Tampering of the Applications Using Core Code and Method for Tamper Detection Using the Same | |
| CN110619194B (en) | Upgrade package encryption and decryption methods and devices | |
| CN112613033A (en) | Method and device for safely calling executable file | |
| US20120278883A1 (en) | Method and System for Protecting a Computing System | |
| Suzaki et al. | DeviceVeil: Robust authentication for individual USB devices using physical unclonable functions | |
| CN106971105B (en) | IOS-based application program defense method against false face attack | |
| CN114070548A (en) | Software copyright encryption protection method based on soft dongle device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Open date: 20080305 |