CN102088373A - Monitoring method and device for datum of hardware - Google Patents
Monitoring method and device for datum of hardware Download PDFInfo
- Publication number
- CN102088373A CN102088373A CN2009102538535A CN200910253853A CN102088373A CN 102088373 A CN102088373 A CN 102088373A CN 2009102538535 A CN2009102538535 A CN 2009102538535A CN 200910253853 A CN200910253853 A CN 200910253853A CN 102088373 A CN102088373 A CN 102088373A
- Authority
- CN
- China
- Prior art keywords
- data
- processing unit
- transmission
- address
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a monitoring method and device for a datum of hardware. The datum comprises private information, recognition information and at least one first network transmission address. The monitoring device comprises a storage unit and a processing unit, wherein the datum is stored in the storage unit according to the recognition information; the processing information is used for recording the recognition information of the datum and the at least one first network transmission address in a marking information table; and when the processing unit arranges to transmit the private information of the datum to a second network transmission address which is different from the at least one first network transmission address in order to response to a transmission system call, a signal is output to stop the transmission of the private information.
Description
Technical field
The invention relates to a kind of method for supervising and supervising device that is used to monitor data of a hardware; In more detail, the invention relates to method for supervising and the supervising device that a kind of data of avoiding having privately owned (private) information are suffered improper transmission.
Background technology
Along with the development of information industry, computer and network occupies indispensable status in daily life.For example, with the various data of Computer Processing or with the various information of Web search, shopping and exchanges data or the like, all be the habitual life styles of many people.Say that further the network credit card is checked out, shopping at network places an order and network ATM (automatic teller machine) (web ATM) etc., the network service of often being used especially.
Under the situation of application of aforementioned network service, the data that the user all needs to carry relative private information secretly by network usually are sent to Network Service Provider NSP, and these private informations comprise account number/encrypted message, identity card font size or online trading record etc.Generally speaking, these data of carrying the private information relevant with the user secretly are to be transmitted by browser interface.Therefore, many hackers are convenient to steal the data that these users are sent to Network Service Provider NSP with the leak of browser interface, and then the incident that causes private information now to be leaked emerges in an endless stream.
For example, when the user utilizes browser, in the webpage of Network Service Provider NSP (as Yahoo), input account number/password and login after member's page, user's computer just stores a path and a data name with one, store the data with the account number/password that is relevant to Yahoo of user's input, when the user desires to utilize browser to login the webpage of Yahoo once more, computer can have the data of the account number/password that is relevant to Yahoo by aforesaid storage path and data name access, directly to login member's page.In this process, the hacker can utilize the browser leak, carry out rogue program by the script (for example Javascript or VBscript) after the coding, and by browser, the data that will have an account number/password that is relevant to Yahoo are sent to the go ahead of the rest network address of appointment of hacker.
At this problem, prior art provides a kind of software that is used for the detection of malicious program, it is by analyzing different rogue programs, and set up the database of different types of rogue program feature, with further by these rogue program feature detection and stop the hacker to utilize rogue program and by browser, the data of carrying the private information relevant with the user secretly are sent to the network address of its appointment of going ahead of the rest.
Yet based on the characteristic of script, the software of existing detection of malicious program will quite be difficult to detect by the performed rogue program of script, and can't set up the database with general rogue program feature.In other words, as long as handle through other coded system in order to the script of carrying out rogue program, the software of existing detection of malicious program promptly can't detect and analyze.
In view of this, under the network service situation that day by day maturation and rogue program spread unchecked day by day, how to avoid private information to suffer the improper transmission of rogue program, this is that industry is needed the problem of determining badly.
Summary of the invention
A purpose of the present invention is to provide a kind of supervising device that is used to monitor data of a hardware.These data have a private information, an identifying information and at least one first Network Transmission address.This supervising device comprises a storage element and a processing unit.This storage element is in order to store a label information table and to store this data according to this identifying information.This processing unit is recorded in this label information table in order to identifying information and at least one first Network Transmission address with these data; Call out in response to an access system, according to these these data of identifying information access; Simultaneously, call out a transmission of the private information of arranging (arrange) these data in response to a transmission system.Wherein, it is to be relevant to this identifying information that this access system is called out, and this transmission system calling has one second Network Transmission address.At last, this processing unit will be according to identifying information and at least one first Network Transmission address of this data of this label information table record, judge whether this at least one first Network Transmission address and this second Network Transmission address be identical, when this at least one first Network Transmission address and this second Network Transmission address not simultaneously, this processing unit is promptly exported a signal.
Another object of the present invention is to provide a kind of method for supervising that is used to monitor data of a hardware.These data have a private information, an identifying information and at least one first Network Transmission address, and this data based this identifying information is stored in a storage element.This method for supervising comprises following steps: make a processing unit that identifying information and at least one first Network Transmission address of these data are recorded in a label information table, wherein, this label information table system is stored in this storage element; Call out in response to an access system, make this processing unit according to these these data of identifying information access, wherein, this access system is called out system and is relevant to this identifying information; Call out in response to a transmission system, make this processing unit arrange a transmission of the private information of these data, wherein, this transmission system is called out has one second Network Transmission address; According to identifying information and at least one first Network Transmission address of this data of this label information table record, make this processing unit judge whether this at least one first Network Transmission address and this second Network Transmission address be identical; And when this at least one first Network Transmission address and this second Network Transmission address not simultaneously, make this processing unit export a signal.
In addition, for reaching the described purpose of leading portion, the present invention also provides a kind of computer program, and interior storage is used to monitor the program of method for supervising of data of a hardware, and this program is loaded by computer and can carries out behind the supervising device and can finish the described method for supervising of leading portion.
In sum, method for supervising, supervising device and the computer program thereof of the disclosed data that are used for monitoring a hardware of the present invention can be stored in the label information table with having the identifying information of data of private information and the Network Transmission address that should be transmitted thereof.Simultaneously, the present invention will be according to system calling and the identifying information that is stored in the label information table, when the data with private information are arranged to transmit, the comparison of the Network Transmission network address that is stored in the Network Transmission network address of label information table and is arranged to transmit is suffered the improper transmission of rogue program to avoid private information.
Description of drawings
Behind the execution mode of consulting accompanying drawing and describing subsequently, the technical field of the invention has knows that usually the knowledgeable just can understand other purpose of the present invention, advantage and technological means of the present invention and implement aspect, wherein:
Figure 1A is the schematic diagram according to the supervising device of the first embodiment of the present invention;
Figure 1B is the schematic diagram according to the label information table of the first embodiment of the present invention; And
Fig. 2 is the flow chart of the method for supervising of the second embodiment of the present invention.
Embodiment
Below will explain content of the present invention by embodiment, the invention relates to a kind of method for supervising, its computer program of supervising device in order to the data of monitoring a hardware, the data that its advantage is to prevent to carry secretly private information are transferred to the Network Transmission address of rogue program appointment.Need the expositor, in following examples and the accompanying drawing, all omit and do not illustrate with the non-directly related element of the present invention; And each interelement size relationship is only for asking easy understanding in the accompanying drawing, and is non-in order to the restriction actual ratio.
Shown in Figure 1A, the first embodiment of the present invention is a kind of supervising device 11 that is used to monitor data of a hardware 1.Hardware 1 has a memory 13 and a display unit 15, and the user then can be by each element of an operating system (figure does not illustrate) control hardware 1.Operating system can be the various operating systems of selling on the market, for example Microsft Windows (Windows) operating system, Apple computer Macintosh operating system, (SuSE) Linux OS or Unix operating system etc., in first embodiment, operating system is Microsft Windows operating system.Hardware 1 then can be personal computer (Personal Computer; PC) or the Macintosh (Macintosh that sells of Apple Computer; MAC), in first embodiment, 1 on hardware is personal computer (PersonalComputer; PC).Be noted that the present invention does not limit the kind of operating system and hardware 1, affiliated technical field know usually operating system, hardware that the knowledgeable also can use other kind with and collocation finish the present invention, so do not repeat them here.
For instance, when the user passes through browser and hardware 1, the data 2 that prepare to transmit the private information with account number/password are during to the first Network Transmission address 20 (as 209.191.93.53) of the server of Network Service Provider NSP (as Yahoo), processing unit 113 will according to store the path (as C: Documents andSettings user Local Settings Cookies cookie:user@yahoo.com) and data name (as cookie:user@yahoo.com), storage data 2 is in storage element 111 and/or memory 13.Simultaneously, processing unit 113 will store the path " C: Documents and Settings user LocalSettings Cookies cookie:user@yahoo.com ", data name " cookie:user@yahoo.com " and the first Network Transmission address " 209.191.93.53 " be stored in the label information table 10.
What need special instruction is, the present invention is the quantity of the first Network Transmission address 20 of limit markers information table 10 storages not, be that the user can pass through browser and hardware 1, the data 2 that will have same identifying information 22 are sent to a plurality of first Network Transmission addresses 20 simultaneously, affiliated technical field has knows that usually the knowledgeable can further store other first Network Transmission address 20 according to above stated specification, so do not repeat them here.
Simultaneously, the private information person's of being to use alert and resourceful information, for example: account number/password (account and password) information, computer recording (cookie) information and browser are finished data (browser auto completedata) information automatically.The present invention does not limit the kind of private information, and affiliated technical field has knows that usually the knowledgeable also can set up the kind and the quantity of private information on their own, so do not repeat them here.
Call out 12 when processing unit 113 in response to an access system, during according to identifying information 22 access datas 2, processing unit 113 will carry out a series of programs.What need special instruction is that it is to be relevant to identifying information 22 that access system calls out 12.For example, access system calling 12 can be data open system calling, data reading system calling, data copy system calling, data mobile system calling, data shutdown system calling or a removing accumulator system calling.
In present embodiment, processing unit 113 will be called out in response to a data open system, and according to identifying information 22 turn-on data 2, wherein, the data open system is called out has a transmission parameter, and transmits system of parameters corresponding to identifying information 22.In detail, processing unit 113 will be according to the follow procedure code, the unlatching of judgment data 2:
Wherein, the aforesaid data open system of " OpenFile " representative is called out; " cookie:user@yahoo.com " be the data name of representative data 2 then; " HANDLE " then is the transmission parameter corresponding to identifying information 22, and be in other words promptly relevant with identifying information 22 if having transmission parameter " HANDLE " in other system calling, represents that these system callings all are that data 2 are carried out access action.When identifying information 22 judgment data 2 of processing unit 113 according to label information table 10 are unlocked, begin to monitor and write down all relevant system callings immediately.
Then, processing unit 113 is called out in response to a data reading system, and the private information of data 2 is stored to a first memory address 131, and wherein, data reading system is called out has aforesaid transmission parameter, and transmits parameter corresponding to first memory address 131.Further, processing unit 113 will be according to the follow procedure code, the reading of judgment data 2:
Wherein, " ReadFileEx " representative data reading system is called out.Because it is relevant with identifying information 22 to transmit parameter " HANDLE ", so processing unit 113 is incited somebody to action reading of judgment data 2 by this.In addition, parameter " lpBuffer " representative data 2 is stored to the first memory address 131 (as 0x04e463b9) of memory 13.Simultaneously, processing unit 131 is recorded in the storage address (being first memory address 131) of the private information of storage data 2 in the storage element 111.
In present embodiment, processing unit 113 also will be called out and/or the data mobile system is called out in response to data copy system, and the private information of data 2 is duplicated and/or move to a second memory address 133 by the first memory address 131 of memory 13.Simultaneously, after the private information of data 2 duplicated and/or moves, processing unit 113 write down the storage address (being first memory address 131 and/or second memory address 133) of the private information of storage data 2 and/or upgrades in storage element 111.The explanation that data copy system is called out and the data mobile system is called out is as follows with division.
Particularly, processing unit 113 will be according to the follow procedure code, and the private information of judgment data 2 is copied to second memory address 133 from first memory address 131:
void*memcpy(
void*dest,
const?void*src,);
Wherein, " memcpy " representative data dubbing system is called out; Parameter " * dest " is represented second memory address 133 (as 0x00123456); Parameter " * src " is represented first memory address 131 (being 0x04e463b9).On the other hand, processing unit 113 will be according to the follow procedure code, and the private information of judgment data 2 moves to second memory address 133 from first memory address 131:
mov?eax[ebx];
" mov " representative data mobile system is called out; Parameter " eax " (for example: 0x00123456) is represented second memory address 133; Parameter " ebx " is represented first memory address 131 (being 0x04e463b9).
What need special instruction is, carry out closing or removing of data 2 if processing unit 113 calls out or remove the accumulator system calling in response to the data shutdown system, whether then processing unit 113 will continue monitoring according to label information table 10 constantly has other data with private information by access.Implement in the aspect in another, processing unit 113 will be according to the follow procedure code, and judgment data 2 is closed or removes:
Wherein, " FileClose " and " free " calling of representative data shutdown system and calling of removing accumulator system respectively.Because it is relevant with identifying information 22 to transmit parameter " Handle ", so processing unit 113 is incited somebody to action closing of judgment data 2 by this.In addition, parameter " * ptr " representative desires to close the memory of data address; Parameter " eax " representative is eliminated the memory of data address.Whether processing unit 113 equals the value of comparative parameter " * ptr " or parameter " eax " the present storage address (being second memory address 133) that stores of private information of data 2; If represent that then data 2 are closed or are eliminated.
As shown in the above description, be different from the method for existing simple comparison database with the detection of malicious behavior, supervising device 11 of the present invention will be according to the transmission parameter of each system calling, judge whether that the private information that access system is called out data 2 carries out access, simultaneously according to storage address corresponding to the transmission parameter, the storage address of the private information of record and/or renewal storage data 2, and then finish follow-up monitoring.
Subsequently, processing unit 113 will call out 14 in response to a transmission system, a transmission of arranging data 2.Particularly, transmission system calling 14 has a transmission data memory addresses and one second Network Transmission address (figure does not illustrate).In present embodiment, the second Network Transmission address is the Network Transmission address (as 129.342.33.22) that rogue program is set.Particularly, processing unit 113 will be according to the follow procedure code, and arranging data 2 transfers to the second Network Transmission address:
Wherein, " connect " represents a system calling of setting up long-range line; " send " represents one to transmit the system calling of data 2 by the line set up; Parameter " * name " is represented the second Network Transmission address (being 129.342.33.22); Parameter " * buf " representative transmission data memory addresses.Processing unit 113 is with the transmission data memory addresses (being the value of parameter " * buf ") of systems for taking and transmitting calling 14, and whether judgement transmission data memory addresses is identical with the storage address (being first memory address 131 and/or second memory address 133) of the private information of storage data 2.
When processing unit 113 judges that transmission data memory addresses (being the value of parameter " * buf ") is identical with first memory address 131 (being 0x04e463b9) and/or second memory address 133 (being 0x00123456), represent that promptly data 2 will be transferred into the second Network Transmission address.Then, processing unit 113 promptly according to the identifying information 22 and the first Network Transmission address 20 of the data 2 of label information table 10 record, judges whether the second Network Transmission address is identical with the first Network Transmission address 20.In present embodiment, because the second Network Transmission address (being 129.342.33.22) is different with the first Network Transmission address 20 (being 209.191.93.53), this is the Network Transmission address that representative data 2 will be transferred into the rogue program appointment.This moment, processing unit 113 was just exported a signal 100 to display unit 15.
Implement in the aspect in other, if processing unit 113 is judged transmission data memory addresses (being the value of parameter " * buf ") and first memory address 131 and/or second memory address 133 not simultaneously, represent that then the data that present tendency to develop is sent not are private information, processing unit 113 will carry out the transmission of data, and the processing unit 113 of supervising device 11 will can not compare the step of Network Transmission address simultaneously.
Then, processing unit 113 will continue supervisory control system and call out the action of whether transmitting for data 2 constantly, monitor whether other data with private information are arranged by access constantly according to label information table 10 simultaneously.
The second embodiment of the present invention is a kind of method for supervising that is used to monitor data of a hardware as shown in Figure 2.Method for supervising of the present invention can be used for a supervising device, for example the described supervising device 11 of first embodiment.Supervising device comprises a storage element and a processing unit.Wherein, data have a private information, an identifying information and at least one first Network Transmission address, and data system is stored in storage element according to identifying information.Private information can be one account number/encrypted message, a computer recording information and a browser finish automatically data message wherein one.
Particularly, the described method for supervising of second embodiment can be carried out by a computer program, when supervising device is loaded this computer program and carries out a plurality of instructions that this computer program comprises by a computer after, can finish the described method for supervising of second embodiment.Aforesaid computer program can be stored in the computer-readable medium storing, for example read-only memory (read only memory; ROM), flash memory, floppy disk, hard disk, CD, with oneself dish, tape, can or be familiar with this operator by the database of network access and had now and have in any other Storage Media of identical function.
The method for supervising of second embodiment comprises following steps.At first execution in step 201, and processing unit is recorded in a label information table with identifying information and at least one first Network Transmission address of data, and wherein, label information table system is stored in the storage element.Identifying information comprises one and stores a path and a data name, and data are to be stored in storage element according to storing path and data name.
In step 202, to call out in response to an access system, processing unit is according to the identifying information access data, and wherein, access system is called out system and is relevant to identifying information.
For example, in step 202, processing unit will be called out in response to a data open system, and according to the identifying information turn-on data, wherein, the data open system is called out has a transmission parameter, and transmits parameter corresponding to identifying information; Also will call out in response to a data reading system with post-processing unit, the private information of data is stored to a first memory address, wherein data reading system is called out and is also had aforesaid transmission parameter, and transmits parameter corresponding to the first memory address.
Implement in the aspect in one, processing unit is called out in response to a data copy system, with the private information of data by first memory address reproduction to second memory address; Perhaps in another implements aspect, processing unit will be called out in response to a data mobile system, and the private information of data is moved to the second memory address by the first memory address.At last, in step 202, processing unit is recorded in the storage address (being first memory address and/or second memory bit address) of the private information of storage data in the storage element, and the implementation detail of relevant step 202 describes in first embodiment, so do not repeat them here.
In step 203, processing unit will be called out a transmission of arranging data in response to a transmission system, and wherein, transmission system is called out has a transmission data memory addresses and one second a Network Transmission address.Then in step 204, the transmission data memory addresses that processing unit is called out systems for taking and transmitting, and judge whether the transmission memory address is identical with the storage address (being first memory address and/or second memory address) of the private information of storage data.If then execution in step 205, processing unit will judge whether at least one first Network Transmission address and the second Network Transmission address be identical according to identifying information and at least one first Network Transmission address of the data of label information table record.
When if processing unit judges that in step 205 at least one first Network Transmission address and the second Network Transmission address are identical, then execution in step 206, the information of data is sent to the second Network Transmission address, and returns step 202, wait other access system and call out, with other data of access.If processing unit is judged at least one first Network Transmission address and the second Network Transmission address not simultaneously in step 205, then execution in step 207, make processing unit export a signal.Then, make a display unit show a caution message according to aforesaid signal in step 208.At last, execution in step 209, processing unit stops the transmission of the private information of data according to signal, and returns step 202, waits other access system and calls out, with other data of access.
If processing unit is judged transmission memory address and first memory address and/or second memory address not simultaneously in step 204, the information of the data that the expression tendency to develop is defeated is not private information, follow execution in step 206, the information of data is sent to the second Network Transmission address, and return step 202, wait other access system and call out, with other data of access.
Except above-mentioned steps, method for supervising of the present invention also can be carried out described all operations of first embodiment and function, under technical field have know usually the knowledgeable can be directly acquainted with method for supervising of the present invention how based on above-mentioned first embodiment to carry out these operations and function, so do not repeat them here.
Comprehensively above-mentioned, method for supervising of the present invention, supervising device and computer program thereof will write down the identifying information of the data with private information and the Network Transmission address that should be transmitted thereof in advance in the label information table.Subsequently, promptly have the monitoring of the data of private information,, then stop to have the transmission of the data of private information if when transmission system call out to be prepared to have the data of private information and is sent to the Unrecorded Network Transmission network address of label information table according to system calling.In view of the above, the present invention can avoid private information to suffer the improper transmission of rogue program.
The above embodiments only are used for exemplifying enforcement aspect of the present invention, and explain technical characterictic of the present invention, are not to be used for limiting protection category of the present invention.Any be familiar with this operator can unlabored change or the arrangement of the isotropism scope that all belongs to the present invention and advocated, the scope of the present invention should be as the criterion with claim.
Claims (20)
1. method for supervising that is used to monitor data of a hardware, these data have a private information, an identifying information and at least one first Network Transmission address, and this data based this identifying information is stored in a storage element, and this method for supervising comprises the following step:
Make a processing unit that identifying information and at least one first Network Transmission address of these data are recorded in a label information table, wherein, this label information table is stored in this storage element;
Call out in response to an access system, make this processing unit according to these these data of identifying information access, wherein, it is to be relevant to this identifying information that this access system is called out;
Call out in response to a transmission system, make this processing unit arrange a transmission of the private information of these data, wherein, this transmission system is called out has one second Network Transmission address;
According to identifying information and at least one first Network Transmission address of this data of this label information table record, make this processing unit judge whether this at least one first Network Transmission address and this second Network Transmission address be identical; And
When this at least one first Network Transmission address and this second Network Transmission address not simultaneously, make this processing unit export a signal.
2. method for supervising as claimed in claim 1 is characterized in that, this identifying information comprises one and stores a path and a data name, and this data based this storage path and this data name are stored in this storage element.
3. method for supervising as claimed in claim 1 is characterized in that, the step of these data of access comprises following steps:
Call out in response to having a data open system of transmitting parameter, make this processing unit open this data according to this identifying information;
Wherein, this transmits parameter corresponding to this identifying information.
4. method for supervising as claimed in claim 3 is characterized in that, the step of these data of access also comprises following steps:
Call out in response to a data reading system, make this processing unit that the private information of these data is stored to a first memory address with this transmission parameter;
Wherein, this transmits parameter corresponding to this first memory address.
5. method for supervising as claimed in claim 4 is characterized in that, this transmission system is called out has a transmission data memory addresses, arranges a step of transmitting of the private information of these data also to comprise the following step:
Make this processing unit capture the transmission data memory addresses that this transmission system is called out; And
Make this processing unit judge whether this transmission data memory addresses is identical with this first memory address;
Wherein, when this transmission data memory addresses was identical with this first memory address, this processing unit was arranged the transmission of the private information of these data.
6. method for supervising as claimed in claim 4 is characterized in that, the step of these data of access also comprises following steps:
Call out in response to a data copy system, make this processing unit with the private information of these data by this first memory address reproduction to second memory address.
7. method for supervising as claimed in claim 4 is characterized in that, the step of these data of access also comprises following steps:
Call out in response to a data mobile system, make this processing unit that the private information of these data is moved to a second memory address by this first memory address.
8. method for supervising as claimed in claim 1 is characterized in that this hardware has a display unit, and this method for supervising also comprises the following step:
According to this signal, make this display unit show a caution message.
9. method for supervising as claimed in claim 1 is characterized in that, also comprises the following step:
According to this signal, make this processing unit stop the transmission of the private information of these data.
10. method for supervising as claimed in claim 1 is characterized in that, this private information be one account number/encrypted message, a computer recording information and a browser finish automatically data message one of them.
11. a supervising device that is used to monitor data of a hardware, these data have a private information, an identifying information and at least one first Network Transmission address, and this supervising device comprises:
One storage element, in order to store a label information table and to store this data according to this identifying information: and
One processing unit, be recorded in this label information table in order to identifying information and at least one first Network Transmission address with these data, call out in response to an access system, according to these these data of identifying information access, call out a transmission of the private information of arranging these data simultaneously in response to a transmission system, wherein, it is to be relevant to this identifying information that this access system is called out, and this transmission system is called out has one second Network Transmission address;
Wherein, this processing unit is also according to identifying information and at least one first Network Transmission address of this data of this label information table record, judge whether this at least one first Network Transmission address and this second Network Transmission address be identical, when this at least one first Network Transmission address and this second Network Transmission address not simultaneously, this processing unit is exported a signal.
12. supervising device as claimed in claim 11 is characterized in that, this identifying information comprises one and stores a path and a data name, this processing unit according to this store path and this data name with this data storing in this storage element.
13. supervising device as claimed in claim 11, it is characterized in that, this access system is called out to comprise has a data open system calling of transmitting parameter, this transmission parameter is corresponding to this identifying information, this processing unit is called out in response to this data open system, opens this data according to this identifying information.
14. supervising device as claimed in claim 13, it is characterized in that, this access system is called out and is also comprised the data reading system calling with this transmission parameter, this transmission parameter is corresponding to a first memory address, and the private information that this processing unit is called out these data in response to this data reading system is stored to this first memory address.
15. supervising device as claimed in claim 14, it is characterized in that, this transmission system is called out has a transmission data memory addresses, this processing unit captures the transmission data memory addresses that this transmission system is called out, and judge whether this transmission data memory addresses is identical with this first memory address, when this transmission data memory addresses was identical with this first memory address, this processing unit was arranged the transmission of the private information of these data.
16. supervising device as claimed in claim 14, it is characterized in that, this access system is called out and is also comprised a data copy system and call out, and this processing unit is called out in response to this data copy system, with the private information of these data by this first memory address reproduction to second memory address.
17. supervising device as claimed in claim 14, it is characterized in that, this access system is called out and is also comprised a data mobile system and call out, and this processing unit is called out in response to this data mobile system, and the private information of these data is moved to a second memory address by this first memory address.
18. supervising device as claimed in claim 11 is characterized in that, this hardware has a display unit, and wherein, this display unit is in order to show a caution message according to this signal.
19. supervising device as claimed in claim 11 is characterized in that, this processing unit also stops the transmission of the private information of these data according to this signal.
20. supervising device as claimed in claim 11 is characterized in that, this private information be one account number/encrypted message, a computer recording information and a browser finish automatically data message one of them.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200910253853 CN102088373B (en) | 2009-12-03 | 2009-12-03 | Monitoring method and device for datum of hardware |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200910253853 CN102088373B (en) | 2009-12-03 | 2009-12-03 | Monitoring method and device for datum of hardware |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102088373A true CN102088373A (en) | 2011-06-08 |
| CN102088373B CN102088373B (en) | 2013-10-09 |
Family
ID=44099995
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200910253853 Active CN102088373B (en) | 2009-12-03 | 2009-12-03 | Monitoring method and device for datum of hardware |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102088373B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103853624A (en) * | 2012-12-04 | 2014-06-11 | 中山大学深圳研究院 | Monitoring method and monitoring device of hardware data |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5568645A (en) * | 1991-08-21 | 1996-10-22 | Norand Corporation | Versatile RF data capture system |
| CN1501623A (en) * | 2002-11-18 | 2004-06-02 | 西门子公司 | Method and apparatus for remotely transmitting sensitive data |
| CN1809056A (en) * | 2005-01-18 | 2006-07-26 | 英业达股份有限公司 | iSCSI-based storage device access control system and its method |
-
2009
- 2009-12-03 CN CN 200910253853 patent/CN102088373B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5568645A (en) * | 1991-08-21 | 1996-10-22 | Norand Corporation | Versatile RF data capture system |
| CN1501623A (en) * | 2002-11-18 | 2004-06-02 | 西门子公司 | Method and apparatus for remotely transmitting sensitive data |
| CN1809056A (en) * | 2005-01-18 | 2006-07-26 | 英业达股份有限公司 | iSCSI-based storage device access control system and its method |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103853624A (en) * | 2012-12-04 | 2014-06-11 | 中山大学深圳研究院 | Monitoring method and monitoring device of hardware data |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102088373B (en) | 2013-10-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100541489C (en) | External metadata is handled | |
| JP4301516B2 (en) | Method for restricting use of file, information processing apparatus, and program | |
| TWI453623B (en) | Method,computer-readable medlum,and apparatus for recovering infomat10n using a snapshot database | |
| CN103514075B (en) | The method and apparatus that monitoring api function is called in the terminal | |
| US9807125B2 (en) | System and method for tracking and auditing data access in a network environment | |
| CN101341493A (en) | Computer data management method, program, and recording medium | |
| CN107302586A (en) | A kind of Webshell detection methods and device, computer installation, readable storage medium storing program for executing | |
| WO2008001823A1 (en) | Computer data management method, program, and recording medium | |
| CN104881483B (en) | Automatic detection evidence collecting method for the attack of Hadoop platform leaking data | |
| CN101236531B (en) | Memory and its automatic protection realization method | |
| CN106502814A (en) | A kind of method and device of record PCIE device error message | |
| CN105069374A (en) | Private data intercepting protection method and system | |
| CN106055419A (en) | Device and method for exception handling of vehicle-mounted embedded system | |
| CN111435384A (en) | Data security processing and data tracing method, device and equipment | |
| CN102088373B (en) | Monitoring method and device for datum of hardware | |
| CN106951790B (en) | USB storage medium transparent encryption method | |
| CN108228611B (en) | Document information copying method and device | |
| CN105653989A (en) | Anti-leakage method and device for information | |
| CN108229180B (en) | Screenshot data processing method and device and electronic equipment | |
| WO2022083236A1 (en) | Animated video backup method and apparatus therefor, and animated video management method and apparatus therefor | |
| JP2009230587A (en) | Data management method of electronic computer, and program therefor | |
| TWI434173B (en) | Monitor method, monitor apparatus and computer program product thereof for monitoring a data of a hardware | |
| US20110138485A1 (en) | Monitor method and monitor apparatus for monitoring data of hardware | |
| CN103677829B (en) | Object Operations accesses the method controlled | |
| CN108834128B (en) | Mobile phone number management method, device, system and terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |